samlify 2.9.1 → 2.10.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +7 -0
- package/build/src/flow.js +30 -25
- package/build/src/flow.js.map +1 -1
- package/build/src/libsaml.js +142 -66
- package/build/src/libsaml.js.map +1 -1
- package/package.json +3 -2
- package/src/flow.ts +24 -23
- package/src/libsaml.ts +83 -41
- package/types/src/libsaml.d.ts +9 -4
package/CHANGELOG.md
ADDED
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
# 2.10.1
|
|
2
|
+
|
|
3
|
+
* Changes to libsaml.ts verifySignature. This is an internal function, but we still document changes
|
|
4
|
+
- Does not raise error when signature is missing/invalid. Instead it now returns false. This is to simplify logic
|
|
5
|
+
- When there are encrypted assertions, returns the entire response, as the "verifiedAssertionNode"
|
|
6
|
+
|
|
7
|
+
* Fix logic around handling encrypted assertions
|
package/build/src/flow.js
CHANGED
|
@@ -179,7 +179,7 @@ function redirectFlow(options) {
|
|
|
179
179
|
// proceed the post flow
|
|
180
180
|
function postFlow(options) {
|
|
181
181
|
return __awaiter(this, void 0, void 0, function () {
|
|
182
|
-
var request, from, self, parserType, _a, checkSignature, body, direction, encodedRequest, samlContent, verificationOptions, decryptRequired, extractorFields, _b, verified, verifiedAssertionNode, result, _c,
|
|
182
|
+
var request, from, self, parserType, _a, checkSignature, body, direction, encodedRequest, samlContent, verificationOptions, decryptRequired, extractorFields, _b, verified, verifiedAssertionNode, result, result, decryptedDoc, _c, decryptedDocVerified, verifiedDecryptedAssertion, parseResult, targetEntityMetadata, issuer, extractedProperties;
|
|
183
183
|
return __generator(this, function (_d) {
|
|
184
184
|
switch (_d.label) {
|
|
185
185
|
case 0:
|
|
@@ -207,36 +207,41 @@ function postFlow(options) {
|
|
|
207
207
|
case 2:
|
|
208
208
|
// check status based on different scenarios
|
|
209
209
|
_d.sent();
|
|
210
|
-
|
|
211
|
-
|
|
212
|
-
|
|
213
|
-
|
|
214
|
-
if (!verified) {
|
|
215
|
-
return [2 /*return*/, Promise.reject('ERR_FAIL_TO_VERIFY_ETS_SIGNATURE')];
|
|
216
|
-
}
|
|
217
|
-
if (!decryptRequired) {
|
|
218
|
-
extractorFields = getDefaultExtractorFields(parserType, verifiedAssertionNode);
|
|
219
|
-
}
|
|
220
|
-
}
|
|
221
|
-
if (!(parserType === 'SAMLResponse' && decryptRequired)) return [3 /*break*/, 4];
|
|
222
|
-
return [4 /*yield*/, libsaml_1.default.decryptAssertion(self, samlContent)];
|
|
210
|
+
if (!checkSignature) return [3 /*break*/, 7];
|
|
211
|
+
_b = __read(libsaml_1.default.verifySignature(samlContent, verificationOptions), 2), verified = _b[0], verifiedAssertionNode = _b[1];
|
|
212
|
+
if (!(decryptRequired && verified && parserType === 'SAMLResponse' && verifiedAssertionNode)) return [3 /*break*/, 4];
|
|
213
|
+
return [4 /*yield*/, libsaml_1.default.decryptAssertion(self, verifiedAssertionNode)];
|
|
223
214
|
case 3:
|
|
224
215
|
result = _d.sent();
|
|
225
216
|
samlContent = result[0];
|
|
217
|
+
// extractor depends on signed content
|
|
226
218
|
extractorFields = getDefaultExtractorFields(parserType, result[1]);
|
|
227
|
-
|
|
219
|
+
return [3 /*break*/, 7];
|
|
228
220
|
case 4:
|
|
229
|
-
|
|
230
|
-
|
|
231
|
-
|
|
232
|
-
|
|
233
|
-
|
|
234
|
-
|
|
235
|
-
|
|
236
|
-
|
|
237
|
-
|
|
238
|
-
|
|
221
|
+
if (!(decryptRequired && !verified)) return [3 /*break*/, 6];
|
|
222
|
+
return [4 /*yield*/, libsaml_1.default.decryptAssertion(self, samlContent)];
|
|
223
|
+
case 5:
|
|
224
|
+
result = _d.sent();
|
|
225
|
+
decryptedDoc = result[0];
|
|
226
|
+
_c = __read(libsaml_1.default.verifySignature(decryptedDoc, verificationOptions), 2), decryptedDocVerified = _c[0], verifiedDecryptedAssertion = _c[1];
|
|
227
|
+
if (decryptedDocVerified) {
|
|
228
|
+
// extractor depends on signed content
|
|
229
|
+
extractorFields = getDefaultExtractorFields(parserType, verifiedDecryptedAssertion);
|
|
230
|
+
}
|
|
231
|
+
else {
|
|
232
|
+
return [2 /*return*/, Promise.reject('FAILED_TO_VERIFY_SIGNATURE')];
|
|
233
|
+
}
|
|
234
|
+
return [3 /*break*/, 7];
|
|
235
|
+
case 6:
|
|
236
|
+
if (verified) {
|
|
237
|
+
// extractor depends on signed content
|
|
238
|
+
extractorFields = getDefaultExtractorFields(parserType, verifiedAssertionNode);
|
|
239
|
+
}
|
|
240
|
+
else {
|
|
241
|
+
return [2 /*return*/, Promise.reject('FAILED_TO_VERIFY_SIGNATURE')];
|
|
239
242
|
}
|
|
243
|
+
_d.label = 7;
|
|
244
|
+
case 7:
|
|
240
245
|
parseResult = {
|
|
241
246
|
samlContent: samlContent,
|
|
242
247
|
extract: (0, extractor_1.extract)(samlContent, extractorFields),
|
package/build/src/flow.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"flow.js","sourceRoot":"","sources":["../../src/flow.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,qCAAwD;AACxD,yCAAyC;AACzC,sDAAgC;AAChC,yCASqB;AAErB,6BAMe;AAEf,IAAM,QAAQ,GAAG,aAAO,CAAC,OAAO,CAAC;AACjC,IAAM,SAAS,GAAG,aAAO,CAAC,SAAS,CAAC;AAQpC,2DAA2D;AAC3D,SAAS,yBAAyB,CAAC,UAAsB,EAAE,SAAe;IACxE,QAAQ,UAAU,EAAE;QAClB,KAAK,gBAAU,CAAC,WAAW;YACzB,OAAO,8BAAkB,CAAC;QAC5B,KAAK,gBAAU,CAAC,YAAY;YAC1B,IAAI,CAAC,SAAS,EAAE;gBACd,iBAAiB;gBACjB,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;aACxC;YACD,OAAO,IAAA,+BAAmB,EAAC,SAAS,CAAC,CAAC;QACxC,KAAK,gBAAU,CAAC,aAAa;YAC3B,OAAO,+BAAmB,CAAC;QAC7B,KAAK,gBAAU,CAAC,cAAc;YAC5B,OAAO,gCAAoB,CAAC;QAC9B;YACE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;KAC/C;AACH,CAAC;AAED,oCAAoC;AACpC,SAAe,YAAY,CAAC,OAAO;;;;;;oBAEzB,OAAO,GAAoD,OAAO,QAA3D,EAAE,UAAU,GAAwC,OAAO,WAA/C,EAAE,IAAI,GAAkC,OAAO,KAAzC,EAAE,KAAgC,OAAO,eAAlB,EAArB,cAAc,mBAAG,IAAI,KAAA,EAAE,IAAI,GAAK,OAAO,KAAZ,CAAa;oBACnE,KAAK,GAAkB,OAAO,MAAzB,EAAE,WAAW,GAAK,OAAO,YAAZ,CAAa;oBACvB,MAAM,GAA2B,KAAK,OAAhC,EAAa,SAAS,GAAK,KAAK,UAAV,CAAW;oBAEjD,oBAAoB,GAAG,IAAI,CAAC,UAAU,CAAC;oBAGvC,SAAS,GAAG,iBAAO,CAAC,mBAAmB,CAAC,UAAU,CAAC,CAAC;oBACpD,OAAO,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC;oBAEjC,sCAAsC;oBACtC,IAAI,OAAO,KAAK,SAAS,EAAE;wBACzB,sBAAO,OAAO,CAAC,MAAM,CAAC,4BAA4B,CAAC,EAAC;qBACrD;oBAEK,SAAS,GAAG,IAAA,uBAAa,EAAC,kBAAkB,CAAC,OAAO,CAAC,CAAC,CAAC;;;;oBAI3D,qBAAM,iBAAO,CAAC,UAAU,CAAC,SAAS,CAAC,EAAA;;oBAAnC,SAAmC,CAAC;;;;oBAEpC,sBAAO,OAAO,CAAC,MAAM,CAAC,iBAAiB,CAAC,EAAC;;gBAG3C,4CAA4C;gBAC5C,qBAAM,WAAW,CAAC,SAAS,EAAE,UAAU,CAAC,EAAA;;oBADxC,4CAA4C;oBAC5C,SAAwC,CAAC;oBAErC,SAAS,GAAW,EAAE,CAAC;oBAE3B,IAAI,UAAU,KAAK,SAAS,CAAC,YAAY,EAAC;wBAElC,WAAW,GAAG,IAAA,mBAAO,EAAC,SAAS,EAAE,CAAC;gCACtC,GAAG,EAAE,WAAW;gCAChB,SAAS,EAAE,CAAC,WAAW,EAAE,WAAW,CAAC;gCACrC,UAAU,EAAE,EAAE;gCACd,OAAO,EAAE,IAAI;6BACd,CAAC,CAAC,CAAC;wBACJ,IAAI,WAAW,IAAI,WAAW,CAAC,SAAS,EAAC;4BACvC,SAAS,GAAG,WAAW,CAAC,SAAmB,CAAC;yBAC7C;qBACF;oBAEK,eAAe,GAAG,yBAAyB,CAAC,UAAU,EAAE,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;oBAEjG,WAAW,GAAmE;wBAClF,WAAW,EAAE,SAAS;wBACtB,MAAM,EAAE,IAAI;wBACZ,OAAO,EAAE,IAAA,mBAAO,EAAC,SAAS,EAAE,eAAe,CAAC;qBAC7C,CAAC;oBAEF,qCAAqC;oBACrC,0CAA0C;oBAC1C,IAAI,cAAc,EAAE;wBAClB,IAAI,CAAC,SAAS,IAAI,CAAC,MAAM,EAAE;4BACzB,sBAAO,OAAO,CAAC,MAAM,CAAC,qBAAqB,CAAC,EAAC;yBAC9C;wBAGK,eAAe,GAAG,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,EAAE,QAAQ,CAAC,CAAC;wBACvE,YAAY,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;wBAE1C,QAAQ,GAAG,iBAAO,CAAC,sBAAsB,CAAC,oBAAoB,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,CAAC,CAAC;wBAE5G,IAAI,CAAC,QAAQ,EAAE;4BACb,mCAAmC;4BACnC,sBAAO,OAAO,CAAC,MAAM,CAAC,2CAA2C,CAAC,EAAC;yBACpE;wBAED,WAAW,CAAC,MAAM,GAAG,YAAY,CAAC;qBACnC;oBAKK,MAAM,GAAG,oBAAoB,CAAC,WAAW,EAAE,CAAC;oBAC5C,mBAAmB,GAAG,WAAW,CAAC,OAAO,CAAC;oBAEhD,mBAAmB;oBACnB,IACE,CAAC,UAAU,KAAK,gBAAgB,IAAI,UAAU,KAAK,cAAc,CAAC;2BAC/D,mBAAmB;2BACnB,mBAAmB,CAAC,MAAM,KAAK,MAAM,EACxC;wBACA,sBAAO,OAAO,CAAC,MAAM,CAAC,oBAAoB,CAAC,EAAC;qBAC7C;oBAED,uBAAuB;oBACvB,4DAA4D;oBAC5D,IACE,UAAU,KAAK,cAAc;2BAC1B,mBAAmB,CAAC,YAAY,CAAC,mBAAmB;2BACpD,CAAC,IAAA,sBAAU,EACZ,SAAS,EACT,mBAAmB,CAAC,YAAY,CAAC,mBAAmB,EACpD,IAAI,CAAC,aAAa,CAAC,WAAW,CAC/B,EACD;wBACA,sBAAO,OAAO,CAAC,MAAM,CAAC,qBAAqB,CAAC,EAAC;qBAC9C;oBAED,eAAe;oBACf,8EAA8E;oBAC9E,IACE,UAAU,KAAK,cAAc;2BAC1B,mBAAmB,CAAC,UAAU;2BAC9B,CAAC,IAAA,sBAAU,EACZ,mBAAmB,CAAC,UAAU,CAAC,SAAS,EACxC,mBAAmB,CAAC,UAAU,CAAC,YAAY,EAC3C,IAAI,CAAC,aAAa,CAAC,WAAW,CAC/B,EACD;wBACA,sBAAO,OAAO,CAAC,MAAM,CAAC,yBAAyB,CAAC,EAAC;qBAClD;oBAED,sBAAO,OAAO,CAAC,OAAO,CAAC,WAAW,CAAC,EAAC;;;;CACrC;AAED,wBAAwB;AACxB,SAAe,QAAQ,CAAC,OAAO;;;;;;oBAG3B,OAAO,GAKL,OAAO,QALF,EACP,IAAI,GAIF,OAAO,KAJL,EACJ,IAAI,GAGF,OAAO,KAHL,EACJ,UAAU,GAER,OAAO,WAFC,EACV,KACE,OAAO,eADY,EAArB,cAAc,mBAAG,IAAI,KAAA,CACX;oBAEJ,IAAI,GAAK,OAAO,KAAZ,CAAa;oBAEnB,SAAS,GAAG,iBAAO,CAAC,mBAAmB,CAAC,UAAU,CAAC,CAAC;oBACpD,cAAc,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC;oBAEnC,WAAW,GAAG,MAAM,CAAC,IAAA,sBAAY,EAAC,cAAc,CAAC,CAAC,CAAC;oBAEjD,mBAAmB,GAAG;wBAC1B,QAAQ,EAAE,IAAI,CAAC,UAAU;wBACzB,kBAAkB,EAAE,IAAI,CAAC,aAAa,CAAC,yBAAyB;qBACjE,CAAC;oBAEI,eAAe,GAAG,IAAI,CAAC,aAAa,CAAC,oBAAoB,CAAC;oBAE5D,eAAe,GAAoB,EAAE,CAAC;oBAE1C,yBAAyB;oBACzB,qBAAM,iBAAO,CAAC,UAAU,CAAC,WAAW,CAAC,EAAA;;oBADrC,yBAAyB;oBACzB,SAAqC,CAAC;oBAEtC,IAAI,UAAU,KAAK,SAAS,CAAC,YAAY,EAAE;wBACzC,eAAe,GAAG,yBAAyB,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;qBAC/D;oBAED,4CAA4C;oBAC5C,qBAAM,WAAW,CAAC,WAAW,EAAE,UAAU,CAAC,EAAA;;oBAD1C,4CAA4C;oBAC5C,SAA0C,CAAC;oBAE3C,gGAAgG;oBAChG,IACE,cAAc;wBACd,IAAI,CAAC,aAAa,CAAC,mBAAmB,KAAK,2BAAqB,CAAC,GAAG,EACpE;wBACM,KAAA,OAAoC,iBAAO,CAAC,eAAe,CAAC,WAAW,EAAE,mBAAmB,CAAC,IAAA,EAA5F,QAAQ,QAAA,EAAE,qBAAqB,QAAA,CAA8D;wBACpG,IAAI,CAAC,QAAQ,EAAE;4BACb,sBAAO,OAAO,CAAC,MAAM,CAAC,kCAAkC,CAAC,EAAC;yBAC3D;wBACD,IAAI,CAAC,eAAe,EAAE;4BACpB,eAAe,GAAG,yBAAyB,CAAC,UAAU,EAAE,qBAAqB,CAAC,CAAC;yBAChF;qBACF;yBAEG,CAAA,UAAU,KAAK,cAAc,IAAI,eAAe,CAAA,EAAhD,wBAAgD;oBACnC,qBAAM,iBAAO,CAAC,gBAAgB,CAAC,IAAI,EAAE,WAAW,CAAC,EAAA;;oBAA1D,MAAM,GAAG,SAAiD;oBAChE,WAAW,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;oBACxB,eAAe,GAAG,yBAAyB,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;;;oBAGrE,gGAAgG;oBAChG,IACE,cAAc;wBACd,IAAI,CAAC,aAAa,CAAC,mBAAmB,KAAK,2BAAqB,CAAC,GAAG,EACpE;wBACM,KAAA,OAAoC,iBAAO,CAAC,eAAe,CAAC,WAAW,EAAE,mBAAmB,CAAC,IAAA,EAA5F,QAAQ,QAAA,EAAE,qBAAqB,QAAA,CAA8D;wBACpG,IAAI,QAAQ,EAAE;4BACZ,eAAe,GAAG,yBAAyB,CAAC,UAAU,EAAE,qBAAqB,CAAC,CAAC;yBAChF;6BAAM;4BACL,sBAAO,OAAO,CAAC,MAAM,CAAC,kCAAkC,CAAC,EAAC;yBAC3D;qBACF;oBAEK,WAAW,GAAG;wBAClB,WAAW,EAAE,WAAW;wBACxB,OAAO,EAAE,IAAA,mBAAO,EAAC,WAAW,EAAE,eAAe,CAAC;qBAC/C,CAAC;oBAKI,oBAAoB,GAAG,IAAI,CAAC,UAAU,CAAC;oBACvC,MAAM,GAAG,oBAAoB,CAAC,WAAW,EAAE,CAAC;oBAC5C,mBAAmB,GAAG,WAAW,CAAC,OAAO,CAAC;oBAEhD,mBAAmB;oBACnB,IACE,CAAC,UAAU,KAAK,gBAAgB,IAAI,UAAU,KAAK,cAAc,CAAC;2BAC/D,mBAAmB;2BACnB,mBAAmB,CAAC,MAAM,KAAK,MAAM,EACxC;wBACA,sBAAO,OAAO,CAAC,MAAM,CAAC,oBAAoB,CAAC,EAAC;qBAC7C;oBAED,uBAAuB;oBACvB,4DAA4D;oBAC5D,IACE,UAAU,KAAK,cAAc;2BAC1B,mBAAmB,CAAC,YAAY,CAAC,mBAAmB;2BACpD,CAAC,IAAA,sBAAU,EACZ,SAAS,EACT,mBAAmB,CAAC,YAAY,CAAC,mBAAmB,EACpD,IAAI,CAAC,aAAa,CAAC,WAAW,CAC/B,EACD;wBACA,sBAAO,OAAO,CAAC,MAAM,CAAC,qBAAqB,CAAC,EAAC;qBAC9C;oBAED,eAAe;oBACf,8EAA8E;oBAC9E,IACE,UAAU,KAAK,cAAc;2BAC1B,mBAAmB,CAAC,UAAU;2BAC9B,CAAC,IAAA,sBAAU,EACZ,mBAAmB,CAAC,UAAU,CAAC,SAAS,EACxC,mBAAmB,CAAC,UAAU,CAAC,YAAY,EAC3C,IAAI,CAAC,aAAa,CAAC,WAAW,CAC/B,EACD;wBACA,sBAAO,OAAO,CAAC,MAAM,CAAC,yBAAyB,CAAC,EAAC;qBAClD;oBAED,sBAAO,OAAO,CAAC,OAAO,CAAC,WAAW,CAAC,EAAC;;;;CACrC;AAGD,4CAA4C;AAC5C,SAAe,kBAAkB,CAAC,OAAO;;;;;;oBAE/B,OAAO,GAAoD,OAAO,QAA3D,EAAE,UAAU,GAAwC,OAAO,WAA/C,EAAE,IAAI,GAAkC,OAAO,KAAzC,EAAE,KAAgC,OAAO,eAAlB,EAArB,cAAc,mBAAG,IAAI,KAAA,EAAE,IAAI,GAAK,OAAO,KAAZ,CAAa;oBAEnE,IAAI,GAAkB,OAAO,KAAzB,EAAE,WAAW,GAAK,OAAO,YAAZ,CAAa;oBAEhC,oBAAoB,GAAG,IAAI,CAAC,UAAU,CAAC;oBAGvC,SAAS,GAAG,iBAAO,CAAC,mBAAmB,CAAC,UAAU,CAAC,CAAC;oBACpD,cAAc,GAAW,IAAI,CAAC,SAAS,CAAC,CAAC;oBACzC,MAAM,GAAW,IAAI,CAAC,QAAQ,CAAC,CAAC;oBAChC,SAAS,GAAW,IAAI,CAAC,WAAW,CAAC,CAAC;oBAE5C,sCAAsC;oBACtC,IAAI,cAAc,KAAK,SAAS,EAAE;wBAChC,sBAAO,OAAO,CAAC,MAAM,CAAC,8BAA8B,CAAC,EAAC;qBACvD;oBAEK,SAAS,GAAG,MAAM,CAAC,IAAA,sBAAY,EAAC,cAAc,CAAC,CAAC,CAAC;;;;oBAIrD,qBAAM,iBAAO,CAAC,UAAU,CAAC,SAAS,CAAC,EAAA;;oBAAnC,SAAmC,CAAC;;;;oBAEpC,sBAAO,OAAO,CAAC,MAAM,CAAC,iBAAiB,CAAC,EAAC;;gBAG3C,4CAA4C;gBAC5C,qBAAM,WAAW,CAAC,SAAS,EAAE,UAAU,CAAC,EAAA;;oBADxC,4CAA4C;oBAC5C,SAAwC,CAAC;oBAErC,SAAS,GAAW,EAAE,CAAC;oBAE3B,IAAI,UAAU,KAAK,SAAS,CAAC,YAAY,EAAC;wBAElC,WAAW,GAAG,IAAA,mBAAO,EAAC,SAAS,EAAE,CAAC;gCACtC,GAAG,EAAE,WAAW;gCAChB,SAAS,EAAE,CAAC,WAAW,EAAE,WAAW,CAAC;gCACrC,UAAU,EAAE,EAAE;gCACd,OAAO,EAAE,IAAI;6BACd,CAAC,CAAC,CAAC;wBACJ,IAAI,WAAW,IAAI,WAAW,CAAC,SAAS,EAAC;4BACvC,SAAS,GAAG,WAAW,CAAC,SAAmB,CAAC;yBAC7C;qBACF;oBAEK,eAAe,GAAG,yBAAyB,CAAC,UAAU,EAAE,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;oBAEjG,WAAW,GAAmE;wBAClF,WAAW,EAAE,SAAS;wBACtB,MAAM,EAAE,IAAI;wBACZ,OAAO,EAAE,IAAA,mBAAO,EAAC,SAAS,EAAE,eAAe,CAAC;qBAC7C,CAAC;oBAEF,qCAAqC;oBACrC,0CAA0C;oBAC1C,IAAI,cAAc,EAAE;wBAClB,IAAI,CAAC,SAAS,IAAI,CAAC,MAAM,EAAE;4BACzB,sBAAO,OAAO,CAAC,MAAM,CAAC,qBAAqB,CAAC,EAAC;yBAC9C;wBAGK,eAAe,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;wBAEnD,QAAQ,GAAG,iBAAO,CAAC,sBAAsB,CAAC,oBAAoB,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,CAAC,CAAC;wBAE5G,IAAI,CAAC,QAAQ,EAAE;4BACb,mCAAmC;4BACnC,sBAAO,OAAO,CAAC,MAAM,CAAC,2CAA2C,CAAC,EAAC;yBACpE;wBAED,WAAW,CAAC,MAAM,GAAG,MAAM,CAAC;qBAC7B;oBAKK,MAAM,GAAG,oBAAoB,CAAC,WAAW,EAAE,CAAC;oBAC5C,mBAAmB,GAAG,WAAW,CAAC,OAAO,CAAC;oBAEhD,mBAAmB;oBACnB,IACE,CAAC,UAAU,KAAK,gBAAgB,IAAI,UAAU,KAAK,cAAc,CAAC;2BAC/D,mBAAmB;2BACnB,mBAAmB,CAAC,MAAM,KAAK,MAAM,EACxC;wBACA,sBAAO,OAAO,CAAC,MAAM,CAAC,oBAAoB,CAAC,EAAC;qBAC7C;oBAED,uBAAuB;oBACvB,4DAA4D;oBAC5D,IACE,UAAU,KAAK,cAAc;2BAC1B,mBAAmB,CAAC,YAAY,CAAC,mBAAmB;2BACpD,CAAC,IAAA,sBAAU,EACZ,SAAS,EACT,mBAAmB,CAAC,YAAY,CAAC,mBAAmB,EACpD,IAAI,CAAC,aAAa,CAAC,WAAW,CAC/B,EACD;wBACA,sBAAO,OAAO,CAAC,MAAM,CAAC,qBAAqB,CAAC,EAAC;qBAC9C;oBAED,eAAe;oBACf,8EAA8E;oBAC9E,IACE,UAAU,KAAK,cAAc;2BAC1B,mBAAmB,CAAC,UAAU;2BAC9B,CAAC,IAAA,sBAAU,EACZ,mBAAmB,CAAC,UAAU,CAAC,SAAS,EACxC,mBAAmB,CAAC,UAAU,CAAC,YAAY,EAC3C,IAAI,CAAC,aAAa,CAAC,WAAW,CAC/B,EACD;wBACA,sBAAO,OAAO,CAAC,MAAM,CAAC,yBAAyB,CAAC,EAAC;qBAClD;oBAED,sBAAO,OAAO,CAAC,OAAO,CAAC,WAAW,CAAC,EAAC;;;;CACrC;AAGD,SAAS,WAAW,CAAC,OAAe,EAAE,UAAkB;IAEtD,6BAA6B;IAC7B,IAAI,UAAU,KAAK,SAAS,CAAC,YAAY,IAAI,UAAU,KAAK,SAAS,CAAC,cAAc,EAAE;QACpF,OAAO,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;KACnC;IAED,IAAM,MAAM,GAAG,UAAU,KAAK,SAAS,CAAC,YAAY;QAClD,CAAC,CAAC,qCAAyB;QAC3B,CAAC,CAAC,sCAA0B,CAAC;IAEzB,IAAA,KAAgB,IAAA,mBAAO,EAAC,OAAO,EAAE,MAAM,CAAC,EAAvC,GAAG,SAAA,EAAE,MAAM,YAA4B,CAAC;IAE/C,oDAAoD;IACpD,IAAI,GAAG,KAAK,gBAAU,CAAC,OAAO,EAAE;QAC9B,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;KAC9B;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;KACzC;IAED,mDAAmD;IACnD,MAAM,IAAI,KAAK,CAAC,gDAAyC,GAAG,iCAAuB,MAAM,CAAE,CAAC,CAAC;AAC/F,CAAC;AAED,SAAgB,IAAI,CAAC,OAAO;IAE1B,IAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC;IAChC,IAAM,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;IAEtC,OAAO,CAAC,eAAe,GAAG,CAAC,sBAAgB,CAAC,QAAQ,EAAE,sBAAgB,CAAC,IAAI,EAAE,sBAAgB,CAAC,UAAU,CAAC,CAAC;IAC1G,uCAAuC;IACvC,IAAI,UAAU,KAAK,gBAAU,CAAC,YAAY,EAAE;QAC1C,OAAO,CAAC,eAAe,GAAG,CAAC,sBAAgB,CAAC,IAAI,EAAE,sBAAgB,CAAC,QAAQ,EAAE,sBAAgB,CAAC,UAAU,CAAC,CAAC;KAC3G;IAED,IAAI,OAAO,KAAK,QAAQ,CAAC,IAAI,EAAE;QAC7B,OAAO,QAAQ,CAAC,OAAO,CAAC,CAAC;KAC1B;IAED,IAAI,OAAO,KAAK,QAAQ,CAAC,QAAQ,EAAE;QACjC,OAAO,YAAY,CAAC,OAAO,CAAC,CAAC;KAC9B;IAED,IAAI,OAAO,KAAK,QAAQ,CAAC,UAAU,EAAE;QACnC,OAAO,kBAAkB,CAAC,OAAO,CAAC,CAAC;KACpC;IAED,OAAO,OAAO,CAAC,MAAM,CAAC,qBAAqB,CAAC,CAAC;AAE/C,CAAC;AAzBD,oBAyBC"}
|
|
1
|
+
{"version":3,"file":"flow.js","sourceRoot":"","sources":["../../src/flow.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,qCAAwD;AACxD,yCAAyC;AACzC,sDAAgC;AAChC,yCASqB;AAErB,6BAMe;AAEf,IAAM,QAAQ,GAAG,aAAO,CAAC,OAAO,CAAC;AACjC,IAAM,SAAS,GAAG,aAAO,CAAC,SAAS,CAAC;AAQpC,2DAA2D;AAC3D,SAAS,yBAAyB,CAAC,UAAsB,EAAE,SAAe;IACxE,QAAQ,UAAU,EAAE;QAClB,KAAK,gBAAU,CAAC,WAAW;YACzB,OAAO,8BAAkB,CAAC;QAC5B,KAAK,gBAAU,CAAC,YAAY;YAC1B,IAAI,CAAC,SAAS,EAAE;gBACd,iBAAiB;gBACjB,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;aACxC;YACD,OAAO,IAAA,+BAAmB,EAAC,SAAS,CAAC,CAAC;QACxC,KAAK,gBAAU,CAAC,aAAa;YAC3B,OAAO,+BAAmB,CAAC;QAC7B,KAAK,gBAAU,CAAC,cAAc;YAC5B,OAAO,gCAAoB,CAAC;QAC9B;YACE,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAC;KAC/C;AACH,CAAC;AAED,oCAAoC;AACpC,SAAe,YAAY,CAAC,OAAO;;;;;;oBAEzB,OAAO,GAAoD,OAAO,QAA3D,EAAE,UAAU,GAAwC,OAAO,WAA/C,EAAE,IAAI,GAAkC,OAAO,KAAzC,EAAE,KAAgC,OAAO,eAAlB,EAArB,cAAc,mBAAG,IAAI,KAAA,EAAE,IAAI,GAAK,OAAO,KAAZ,CAAa;oBACnE,KAAK,GAAkB,OAAO,MAAzB,EAAE,WAAW,GAAK,OAAO,YAAZ,CAAa;oBACvB,MAAM,GAA2B,KAAK,OAAhC,EAAa,SAAS,GAAK,KAAK,UAAV,CAAW;oBAEjD,oBAAoB,GAAG,IAAI,CAAC,UAAU,CAAC;oBAGvC,SAAS,GAAG,iBAAO,CAAC,mBAAmB,CAAC,UAAU,CAAC,CAAC;oBACpD,OAAO,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC;oBAEjC,sCAAsC;oBACtC,IAAI,OAAO,KAAK,SAAS,EAAE;wBACzB,sBAAO,OAAO,CAAC,MAAM,CAAC,4BAA4B,CAAC,EAAC;qBACrD;oBAEK,SAAS,GAAG,IAAA,uBAAa,EAAC,kBAAkB,CAAC,OAAO,CAAC,CAAC,CAAC;;;;oBAI3D,qBAAM,iBAAO,CAAC,UAAU,CAAC,SAAS,CAAC,EAAA;;oBAAnC,SAAmC,CAAC;;;;oBAEpC,sBAAO,OAAO,CAAC,MAAM,CAAC,iBAAiB,CAAC,EAAC;;gBAG3C,4CAA4C;gBAC5C,qBAAM,WAAW,CAAC,SAAS,EAAE,UAAU,CAAC,EAAA;;oBADxC,4CAA4C;oBAC5C,SAAwC,CAAC;oBAErC,SAAS,GAAW,EAAE,CAAC;oBAE3B,IAAI,UAAU,KAAK,SAAS,CAAC,YAAY,EAAC;wBAElC,WAAW,GAAG,IAAA,mBAAO,EAAC,SAAS,EAAE,CAAC;gCACtC,GAAG,EAAE,WAAW;gCAChB,SAAS,EAAE,CAAC,WAAW,EAAE,WAAW,CAAC;gCACrC,UAAU,EAAE,EAAE;gCACd,OAAO,EAAE,IAAI;6BACd,CAAC,CAAC,CAAC;wBACJ,IAAI,WAAW,IAAI,WAAW,CAAC,SAAS,EAAC;4BACvC,SAAS,GAAG,WAAW,CAAC,SAAmB,CAAC;yBAC7C;qBACF;oBAEK,eAAe,GAAG,yBAAyB,CAAC,UAAU,EAAE,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;oBAEjG,WAAW,GAAmE;wBAClF,WAAW,EAAE,SAAS;wBACtB,MAAM,EAAE,IAAI;wBACZ,OAAO,EAAE,IAAA,mBAAO,EAAC,SAAS,EAAE,eAAe,CAAC;qBAC7C,CAAC;oBAEF,qCAAqC;oBACrC,0CAA0C;oBAC1C,IAAI,cAAc,EAAE;wBAClB,IAAI,CAAC,SAAS,IAAI,CAAC,MAAM,EAAE;4BACzB,sBAAO,OAAO,CAAC,MAAM,CAAC,qBAAqB,CAAC,EAAC;yBAC9C;wBAGK,eAAe,GAAG,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,EAAE,QAAQ,CAAC,CAAC;wBACvE,YAAY,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;wBAE1C,QAAQ,GAAG,iBAAO,CAAC,sBAAsB,CAAC,oBAAoB,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,CAAC,CAAC;wBAE5G,IAAI,CAAC,QAAQ,EAAE;4BACb,mCAAmC;4BACnC,sBAAO,OAAO,CAAC,MAAM,CAAC,2CAA2C,CAAC,EAAC;yBACpE;wBAED,WAAW,CAAC,MAAM,GAAG,YAAY,CAAC;qBACnC;oBAKK,MAAM,GAAG,oBAAoB,CAAC,WAAW,EAAE,CAAC;oBAC5C,mBAAmB,GAAG,WAAW,CAAC,OAAO,CAAC;oBAEhD,mBAAmB;oBACnB,IACE,CAAC,UAAU,KAAK,gBAAgB,IAAI,UAAU,KAAK,cAAc,CAAC;2BAC/D,mBAAmB;2BACnB,mBAAmB,CAAC,MAAM,KAAK,MAAM,EACxC;wBACA,sBAAO,OAAO,CAAC,MAAM,CAAC,oBAAoB,CAAC,EAAC;qBAC7C;oBAED,uBAAuB;oBACvB,4DAA4D;oBAC5D,IACE,UAAU,KAAK,cAAc;2BAC1B,mBAAmB,CAAC,YAAY,CAAC,mBAAmB;2BACpD,CAAC,IAAA,sBAAU,EACZ,SAAS,EACT,mBAAmB,CAAC,YAAY,CAAC,mBAAmB,EACpD,IAAI,CAAC,aAAa,CAAC,WAAW,CAC/B,EACD;wBACA,sBAAO,OAAO,CAAC,MAAM,CAAC,qBAAqB,CAAC,EAAC;qBAC9C;oBAED,eAAe;oBACf,8EAA8E;oBAC9E,IACE,UAAU,KAAK,cAAc;2BAC1B,mBAAmB,CAAC,UAAU;2BAC9B,CAAC,IAAA,sBAAU,EACZ,mBAAmB,CAAC,UAAU,CAAC,SAAS,EACxC,mBAAmB,CAAC,UAAU,CAAC,YAAY,EAC3C,IAAI,CAAC,aAAa,CAAC,WAAW,CAC/B,EACD;wBACA,sBAAO,OAAO,CAAC,MAAM,CAAC,yBAAyB,CAAC,EAAC;qBAClD;oBAED,sBAAO,OAAO,CAAC,OAAO,CAAC,WAAW,CAAC,EAAC;;;;CACrC;AAED,wBAAwB;AACxB,SAAe,QAAQ,CAAC,OAAO;;;;;;oBAG3B,OAAO,GAKL,OAAO,QALF,EACP,IAAI,GAIF,OAAO,KAJL,EACJ,IAAI,GAGF,OAAO,KAHL,EACJ,UAAU,GAER,OAAO,WAFC,EACV,KACE,OAAO,eADY,EAArB,cAAc,mBAAG,IAAI,KAAA,CACX;oBAEJ,IAAI,GAAK,OAAO,KAAZ,CAAa;oBAEnB,SAAS,GAAG,iBAAO,CAAC,mBAAmB,CAAC,UAAU,CAAC,CAAC;oBACpD,cAAc,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC;oBAEnC,WAAW,GAAG,MAAM,CAAC,IAAA,sBAAY,EAAC,cAAc,CAAC,CAAC,CAAC;oBAEjD,mBAAmB,GAAG;wBAC1B,QAAQ,EAAE,IAAI,CAAC,UAAU;wBACzB,kBAAkB,EAAE,IAAI,CAAC,aAAa,CAAC,yBAAyB;qBACjE,CAAC;oBAEI,eAAe,GAAG,IAAI,CAAC,aAAa,CAAC,oBAAoB,CAAC;oBAE5D,eAAe,GAAoB,EAAE,CAAC;oBAE1C,yBAAyB;oBACzB,qBAAM,iBAAO,CAAC,UAAU,CAAC,WAAW,CAAC,EAAA;;oBADrC,yBAAyB;oBACzB,SAAqC,CAAC;oBAEtC,IAAI,UAAU,KAAK,SAAS,CAAC,YAAY,EAAE;wBACzC,eAAe,GAAG,yBAAyB,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;qBAC/D;oBAED,4CAA4C;oBAC5C,qBAAM,WAAW,CAAC,WAAW,EAAE,UAAU,CAAC,EAAA;;oBAD1C,4CAA4C;oBAC5C,SAA0C,CAAC;yBAIzC,cAAc,EAAd,wBAAc;oBAGR,KAAA,OAAoC,iBAAO,CAAC,eAAe,CAAC,WAAW,EAAE,mBAAmB,CAAC,IAAA,EAA5F,QAAQ,QAAA,EAAE,qBAAqB,QAAA,CAA8D;yBAIhG,CAAA,eAAe,IAAI,QAAQ,IAAI,UAAU,KAAK,cAAc,IAAI,qBAAqB,CAAA,EAArF,wBAAqF;oBAExE,qBAAM,iBAAO,CAAC,gBAAgB,CAAC,IAAI,EAAE,qBAAqB,CAAC,EAAA;;oBAApE,MAAM,GAAG,SAA2D;oBAC1E,WAAW,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;oBACxB,sCAAsC;oBACtC,eAAe,GAAG,yBAAyB,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;;;yBAC1D,CAAA,eAAe,IAAI,CAAC,QAAQ,CAAA,EAA5B,wBAA4B;oBAEtB,qBAAM,iBAAO,CAAC,gBAAgB,CAAC,IAAI,EAAE,WAAW,CAAC,EAAA;;oBAA1D,MAAM,GAAG,SAAiD;oBAC1D,YAAY,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;oBACzB,KAAA,OAAqD,iBAAO,CAAC,eAAe,CAAC,YAAY,EAAE,mBAAmB,CAAC,IAAA,EAA9G,oBAAoB,QAAA,EAAE,0BAA0B,QAAA,CAA+D;oBACtH,IAAI,oBAAoB,EAAE;wBACxB,sCAAsC;wBACtC,eAAe,GAAG,yBAAyB,CAAC,UAAU,EAAE,0BAA0B,CAAC,CAAC;qBACrF;yBAAM;wBACL,sBAAO,OAAO,CAAC,MAAM,CAAC,4BAA4B,CAAC,EAAC;qBACrD;;;oBACI,IAAI,QAAQ,EAAE;wBACnB,sCAAsC;wBACtC,eAAe,GAAG,yBAAyB,CAAC,UAAU,EAAE,qBAAqB,CAAC,CAAC;qBAChF;yBAAM;wBACL,sBAAO,OAAO,CAAC,MAAM,CAAC,4BAA4B,CAAC,EAAC;qBACrD;;;oBAGG,WAAW,GAAG;wBAClB,WAAW,EAAE,WAAW;wBACxB,OAAO,EAAE,IAAA,mBAAO,EAAC,WAAW,EAAE,eAAe,CAAC;qBAC/C,CAAC;oBAKI,oBAAoB,GAAG,IAAI,CAAC,UAAU,CAAC;oBACvC,MAAM,GAAG,oBAAoB,CAAC,WAAW,EAAE,CAAC;oBAC5C,mBAAmB,GAAG,WAAW,CAAC,OAAO,CAAC;oBAEhD,mBAAmB;oBACnB,IACE,CAAC,UAAU,KAAK,gBAAgB,IAAI,UAAU,KAAK,cAAc,CAAC;2BAC/D,mBAAmB;2BACnB,mBAAmB,CAAC,MAAM,KAAK,MAAM,EACxC;wBACA,sBAAO,OAAO,CAAC,MAAM,CAAC,oBAAoB,CAAC,EAAC;qBAC7C;oBAED,uBAAuB;oBACvB,4DAA4D;oBAC5D,IACE,UAAU,KAAK,cAAc;2BAC1B,mBAAmB,CAAC,YAAY,CAAC,mBAAmB;2BACpD,CAAC,IAAA,sBAAU,EACZ,SAAS,EACT,mBAAmB,CAAC,YAAY,CAAC,mBAAmB,EACpD,IAAI,CAAC,aAAa,CAAC,WAAW,CAC/B,EACD;wBACA,sBAAO,OAAO,CAAC,MAAM,CAAC,qBAAqB,CAAC,EAAC;qBAC9C;oBAED,eAAe;oBACf,8EAA8E;oBAC9E,IACE,UAAU,KAAK,cAAc;2BAC1B,mBAAmB,CAAC,UAAU;2BAC9B,CAAC,IAAA,sBAAU,EACZ,mBAAmB,CAAC,UAAU,CAAC,SAAS,EACxC,mBAAmB,CAAC,UAAU,CAAC,YAAY,EAC3C,IAAI,CAAC,aAAa,CAAC,WAAW,CAC/B,EACD;wBACA,sBAAO,OAAO,CAAC,MAAM,CAAC,yBAAyB,CAAC,EAAC;qBAClD;oBAED,sBAAO,OAAO,CAAC,OAAO,CAAC,WAAW,CAAC,EAAC;;;;CACrC;AAGD,4CAA4C;AAC5C,SAAe,kBAAkB,CAAC,OAAO;;;;;;oBAE/B,OAAO,GAAoD,OAAO,QAA3D,EAAE,UAAU,GAAwC,OAAO,WAA/C,EAAE,IAAI,GAAkC,OAAO,KAAzC,EAAE,KAAgC,OAAO,eAAlB,EAArB,cAAc,mBAAG,IAAI,KAAA,EAAE,IAAI,GAAK,OAAO,KAAZ,CAAa;oBAEnE,IAAI,GAAkB,OAAO,KAAzB,EAAE,WAAW,GAAK,OAAO,YAAZ,CAAa;oBAEhC,oBAAoB,GAAG,IAAI,CAAC,UAAU,CAAC;oBAGvC,SAAS,GAAG,iBAAO,CAAC,mBAAmB,CAAC,UAAU,CAAC,CAAC;oBACpD,cAAc,GAAW,IAAI,CAAC,SAAS,CAAC,CAAC;oBACzC,MAAM,GAAW,IAAI,CAAC,QAAQ,CAAC,CAAC;oBAChC,SAAS,GAAW,IAAI,CAAC,WAAW,CAAC,CAAC;oBAE5C,sCAAsC;oBACtC,IAAI,cAAc,KAAK,SAAS,EAAE;wBAChC,sBAAO,OAAO,CAAC,MAAM,CAAC,8BAA8B,CAAC,EAAC;qBACvD;oBAEK,SAAS,GAAG,MAAM,CAAC,IAAA,sBAAY,EAAC,cAAc,CAAC,CAAC,CAAC;;;;oBAIrD,qBAAM,iBAAO,CAAC,UAAU,CAAC,SAAS,CAAC,EAAA;;oBAAnC,SAAmC,CAAC;;;;oBAEpC,sBAAO,OAAO,CAAC,MAAM,CAAC,iBAAiB,CAAC,EAAC;;gBAG3C,4CAA4C;gBAC5C,qBAAM,WAAW,CAAC,SAAS,EAAE,UAAU,CAAC,EAAA;;oBADxC,4CAA4C;oBAC5C,SAAwC,CAAC;oBAErC,SAAS,GAAW,EAAE,CAAC;oBAE3B,IAAI,UAAU,KAAK,SAAS,CAAC,YAAY,EAAC;wBAElC,WAAW,GAAG,IAAA,mBAAO,EAAC,SAAS,EAAE,CAAC;gCACtC,GAAG,EAAE,WAAW;gCAChB,SAAS,EAAE,CAAC,WAAW,EAAE,WAAW,CAAC;gCACrC,UAAU,EAAE,EAAE;gCACd,OAAO,EAAE,IAAI;6BACd,CAAC,CAAC,CAAC;wBACJ,IAAI,WAAW,IAAI,WAAW,CAAC,SAAS,EAAC;4BACvC,SAAS,GAAG,WAAW,CAAC,SAAmB,CAAC;yBAC7C;qBACF;oBAEK,eAAe,GAAG,yBAAyB,CAAC,UAAU,EAAE,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;oBAEjG,WAAW,GAAmE;wBAClF,WAAW,EAAE,SAAS;wBACtB,MAAM,EAAE,IAAI;wBACZ,OAAO,EAAE,IAAA,mBAAO,EAAC,SAAS,EAAE,eAAe,CAAC;qBAC7C,CAAC;oBAEF,qCAAqC;oBACrC,0CAA0C;oBAC1C,IAAI,cAAc,EAAE;wBAClB,IAAI,CAAC,SAAS,IAAI,CAAC,MAAM,EAAE;4BACzB,sBAAO,OAAO,CAAC,MAAM,CAAC,qBAAqB,CAAC,EAAC;yBAC9C;wBAGK,eAAe,GAAG,MAAM,CAAC,IAAI,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;wBAEnD,QAAQ,GAAG,iBAAO,CAAC,sBAAsB,CAAC,oBAAoB,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,CAAC,CAAC;wBAE5G,IAAI,CAAC,QAAQ,EAAE;4BACb,mCAAmC;4BACnC,sBAAO,OAAO,CAAC,MAAM,CAAC,2CAA2C,CAAC,EAAC;yBACpE;wBAED,WAAW,CAAC,MAAM,GAAG,MAAM,CAAC;qBAC7B;oBAKK,MAAM,GAAG,oBAAoB,CAAC,WAAW,EAAE,CAAC;oBAC5C,mBAAmB,GAAG,WAAW,CAAC,OAAO,CAAC;oBAEhD,mBAAmB;oBACnB,IACE,CAAC,UAAU,KAAK,gBAAgB,IAAI,UAAU,KAAK,cAAc,CAAC;2BAC/D,mBAAmB;2BACnB,mBAAmB,CAAC,MAAM,KAAK,MAAM,EACxC;wBACA,sBAAO,OAAO,CAAC,MAAM,CAAC,oBAAoB,CAAC,EAAC;qBAC7C;oBAED,uBAAuB;oBACvB,4DAA4D;oBAC5D,IACE,UAAU,KAAK,cAAc;2BAC1B,mBAAmB,CAAC,YAAY,CAAC,mBAAmB;2BACpD,CAAC,IAAA,sBAAU,EACZ,SAAS,EACT,mBAAmB,CAAC,YAAY,CAAC,mBAAmB,EACpD,IAAI,CAAC,aAAa,CAAC,WAAW,CAC/B,EACD;wBACA,sBAAO,OAAO,CAAC,MAAM,CAAC,qBAAqB,CAAC,EAAC;qBAC9C;oBAED,eAAe;oBACf,8EAA8E;oBAC9E,IACE,UAAU,KAAK,cAAc;2BAC1B,mBAAmB,CAAC,UAAU;2BAC9B,CAAC,IAAA,sBAAU,EACZ,mBAAmB,CAAC,UAAU,CAAC,SAAS,EACxC,mBAAmB,CAAC,UAAU,CAAC,YAAY,EAC3C,IAAI,CAAC,aAAa,CAAC,WAAW,CAC/B,EACD;wBACA,sBAAO,OAAO,CAAC,MAAM,CAAC,yBAAyB,CAAC,EAAC;qBAClD;oBAED,sBAAO,OAAO,CAAC,OAAO,CAAC,WAAW,CAAC,EAAC;;;;CACrC;AAGD,SAAS,WAAW,CAAC,OAAe,EAAE,UAAkB;IAEtD,6BAA6B;IAC7B,IAAI,UAAU,KAAK,SAAS,CAAC,YAAY,IAAI,UAAU,KAAK,SAAS,CAAC,cAAc,EAAE;QACpF,OAAO,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;KACnC;IAED,IAAM,MAAM,GAAG,UAAU,KAAK,SAAS,CAAC,YAAY;QAClD,CAAC,CAAC,qCAAyB;QAC3B,CAAC,CAAC,sCAA0B,CAAC;IAEzB,IAAA,KAAgB,IAAA,mBAAO,EAAC,OAAO,EAAE,MAAM,CAAC,EAAvC,GAAG,SAAA,EAAE,MAAM,YAA4B,CAAC;IAE/C,oDAAoD;IACpD,IAAI,GAAG,KAAK,gBAAU,CAAC,OAAO,EAAE;QAC9B,OAAO,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;KAC9B;IAED,IAAI,CAAC,GAAG,EAAE;QACR,MAAM,IAAI,KAAK,CAAC,sBAAsB,CAAC,CAAC;KACzC;IAED,mDAAmD;IACnD,MAAM,IAAI,KAAK,CAAC,gDAAyC,GAAG,iCAAuB,MAAM,CAAE,CAAC,CAAC;AAC/F,CAAC;AAED,SAAgB,IAAI,CAAC,OAAO;IAE1B,IAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC;IAChC,IAAM,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;IAEtC,OAAO,CAAC,eAAe,GAAG,CAAC,sBAAgB,CAAC,QAAQ,EAAE,sBAAgB,CAAC,IAAI,EAAE,sBAAgB,CAAC,UAAU,CAAC,CAAC;IAC1G,uCAAuC;IACvC,IAAI,UAAU,KAAK,gBAAU,CAAC,YAAY,EAAE;QAC1C,OAAO,CAAC,eAAe,GAAG,CAAC,sBAAgB,CAAC,IAAI,EAAE,sBAAgB,CAAC,QAAQ,EAAE,sBAAgB,CAAC,UAAU,CAAC,CAAC;KAC3G;IAED,IAAI,OAAO,KAAK,QAAQ,CAAC,IAAI,EAAE;QAC7B,OAAO,QAAQ,CAAC,OAAO,CAAC,CAAC;KAC1B;IAED,IAAI,OAAO,KAAK,QAAQ,CAAC,QAAQ,EAAE;QACjC,OAAO,YAAY,CAAC,OAAO,CAAC,CAAC;KAC9B;IAED,IAAI,OAAO,KAAK,QAAQ,CAAC,UAAU,EAAE;QACnC,OAAO,kBAAkB,CAAC,OAAO,CAAC,CAAC;KACpC;IAED,OAAO,OAAO,CAAC,MAAM,CAAC,qBAAqB,CAAC,CAAC;AAE/C,CAAC;AAzBD,oBAyBC"}
|
package/build/src/libsaml.js
CHANGED
|
@@ -63,6 +63,17 @@ var __generator = (this && this.__generator) || function (thisArg, body) {
|
|
|
63
63
|
if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
|
|
64
64
|
}
|
|
65
65
|
};
|
|
66
|
+
var __values = (this && this.__values) || function(o) {
|
|
67
|
+
var s = typeof Symbol === "function" && Symbol.iterator, m = s && o[s], i = 0;
|
|
68
|
+
if (m) return m.call(o);
|
|
69
|
+
if (o && typeof o.length === "number") return {
|
|
70
|
+
next: function () {
|
|
71
|
+
if (o && i >= o.length) o = void 0;
|
|
72
|
+
return { value: o && o[i++], done: !o };
|
|
73
|
+
}
|
|
74
|
+
};
|
|
75
|
+
throw new TypeError(s ? "Object is not iterable." : "Symbol.iterator is not defined.");
|
|
76
|
+
};
|
|
66
77
|
var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
67
78
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
68
79
|
};
|
|
@@ -73,10 +84,11 @@ var xpath_1 = require("xpath");
|
|
|
73
84
|
var node_rsa_1 = __importDefault(require("node-rsa"));
|
|
74
85
|
var xml_crypto_1 = require("xml-crypto");
|
|
75
86
|
var xmlenc = __importStar(require("@authenio/xml-encryption"));
|
|
76
|
-
var extractor_1 = require("./extractor");
|
|
77
87
|
var camelcase_1 = __importDefault(require("camelcase"));
|
|
78
88
|
var api_1 = require("./api");
|
|
79
89
|
var xml_escape_1 = __importDefault(require("xml-escape"));
|
|
90
|
+
var fs = __importStar(require("fs"));
|
|
91
|
+
var xmldom_1 = require("@xmldom/xmldom");
|
|
80
92
|
var signatureAlgorithms = urn_1.algorithms.signature;
|
|
81
93
|
var digestAlgorithms = urn_1.algorithms.digest;
|
|
82
94
|
var certUse = urn_1.wording.certUse;
|
|
@@ -269,17 +281,27 @@ var libSaml = function () {
|
|
|
269
281
|
] : _b, signingCert = opts.signingCert, signatureConfig = opts.signatureConfig, _c = opts.isBase64Output, isBase64Output = _c === void 0 ? true : _c, _d = opts.isMessageSigned, isMessageSigned = _d === void 0 ? false : _d;
|
|
270
282
|
var sig = new xml_crypto_1.SignedXml();
|
|
271
283
|
// Add assertion sections as reference
|
|
284
|
+
var digestAlgorithm = getDigestMethod(signatureAlgorithm);
|
|
272
285
|
if (referenceTagXPath) {
|
|
273
|
-
sig.addReference(
|
|
286
|
+
sig.addReference({
|
|
287
|
+
xpath: referenceTagXPath,
|
|
288
|
+
transforms: transformationAlgorithms,
|
|
289
|
+
digestAlgorithm: digestAlgorithm
|
|
290
|
+
});
|
|
274
291
|
}
|
|
275
292
|
if (isMessageSigned) {
|
|
276
|
-
sig.addReference(
|
|
277
|
-
|
|
278
|
-
|
|
293
|
+
sig.addReference({
|
|
294
|
+
// reference to the root node
|
|
295
|
+
xpath: '/*',
|
|
296
|
+
transforms: transformationAlgorithms,
|
|
297
|
+
digestAlgorithm: digestAlgorithm
|
|
298
|
+
});
|
|
279
299
|
}
|
|
280
300
|
sig.signatureAlgorithm = signatureAlgorithm;
|
|
281
|
-
sig.
|
|
282
|
-
sig.
|
|
301
|
+
sig.publicCert = this.getKeyInfo(signingCert, signatureConfig).getKey();
|
|
302
|
+
sig.getKeyInfoContent = this.getKeyInfo(signingCert, signatureConfig).getKeyInfo;
|
|
303
|
+
sig.privateKey = utility_1.default.readPrivateKey(privateKey, privateKeyPass, true);
|
|
304
|
+
sig.canonicalizationAlgorithm = 'http://www.w3.org/2001/10/xml-exc-c14n#';
|
|
283
305
|
if (signatureConfig) {
|
|
284
306
|
sig.computeSignature(rawSamlMessage, signatureConfig);
|
|
285
307
|
}
|
|
@@ -292,12 +314,15 @@ var libSaml = function () {
|
|
|
292
314
|
* @desc Verify the XML signature
|
|
293
315
|
* @param {string} xml xml
|
|
294
316
|
* @param {SignatureVerifierOptions} opts cert declares the X509 certificate
|
|
295
|
-
|
|
296
|
-
|
|
317
|
+
* @return {[boolean, string | null]} - A tuple where:
|
|
318
|
+
* - The first element is `true` if the signature is valid, `false` otherwise.
|
|
319
|
+
* - The second element is the cryptographically authenticated assertion node as a string, or `null` if not found.
|
|
320
|
+
*/
|
|
297
321
|
verifySignature: function (xml, opts) {
|
|
298
|
-
var
|
|
322
|
+
var e_1, _a;
|
|
299
323
|
var dom = (0, api_1.getContext)().dom;
|
|
300
324
|
var doc = dom.parseFromString(xml);
|
|
325
|
+
var docParser = new xmldom_1.DOMParser();
|
|
301
326
|
// In order to avoid the wrapping attack, we have changed to use absolute xpath instead of naively fetching the signature element
|
|
302
327
|
// message signature (logout response / saml response)
|
|
303
328
|
var messageSignatureXpath = "/*[contains(local-name(), 'Response') or contains(local-name(), 'Request')]/*[local-name(.)='Signature']";
|
|
@@ -307,7 +332,6 @@ var libSaml = function () {
|
|
|
307
332
|
var wrappingElementsXPath = "/*[contains(local-name(), 'Response')]/*[local-name(.)='Assertion']/*[local-name(.)='Subject']/*[local-name(.)='SubjectConfirmation']/*[local-name(.)='SubjectConfirmationData']//*[local-name(.)='Assertion' or local-name(.)='Signature']";
|
|
308
333
|
// select the signature node
|
|
309
334
|
var selection = [];
|
|
310
|
-
var assertionNode = null;
|
|
311
335
|
var messageSignatureNode = (0, xpath_1.select)(messageSignatureXpath, doc);
|
|
312
336
|
var assertionSignatureNode = (0, xpath_1.select)(assertionSignatureXpath, doc);
|
|
313
337
|
var wrappingElementNode = (0, xpath_1.select)(wrappingElementsXPath, doc);
|
|
@@ -319,18 +343,17 @@ var libSaml = function () {
|
|
|
319
343
|
}
|
|
320
344
|
// guarantee to have a signature in saml response
|
|
321
345
|
if (selection.length === 0) {
|
|
322
|
-
|
|
346
|
+
return [false, null]; // we return false now
|
|
323
347
|
}
|
|
324
|
-
var
|
|
325
|
-
|
|
326
|
-
|
|
327
|
-
selection.forEach(function (signatureNode) {
|
|
348
|
+
var _loop_1 = function (signatureNode) {
|
|
349
|
+
var sig = new xml_crypto_1.SignedXml();
|
|
350
|
+
var verified = false;
|
|
328
351
|
sig.signatureAlgorithm = opts.signatureAlgorithm;
|
|
329
352
|
if (!opts.keyFile && !opts.metadata) {
|
|
330
353
|
throw new Error('ERR_UNDEFINED_SIGNATURE_VERIFIER_OPTIONS');
|
|
331
354
|
}
|
|
332
355
|
if (opts.keyFile) {
|
|
333
|
-
sig.
|
|
356
|
+
sig.publicCert = fs.readFileSync(opts.keyFile);
|
|
334
357
|
}
|
|
335
358
|
if (opts.metadata) {
|
|
336
359
|
var certificateNode = (0, xpath_1.select)(".//*[local-name(.)='X509Certificate']", signatureNode);
|
|
@@ -359,61 +382,112 @@ var libSaml = function () {
|
|
|
359
382
|
// to make sure the response certificate is one of those specified in metadata
|
|
360
383
|
throw new Error('ERROR_UNMATCH_CERTIFICATE_DECLARATION_IN_METADATA');
|
|
361
384
|
}
|
|
362
|
-
sig.
|
|
385
|
+
sig.publicCert = this_1.getKeyInfo(x509Certificate_1).getKey();
|
|
363
386
|
}
|
|
364
387
|
else {
|
|
365
388
|
// Select first one from metadata
|
|
366
|
-
sig.
|
|
389
|
+
sig.publicCert = this_1.getKeyInfo(metadataCert[0]).getKey();
|
|
367
390
|
}
|
|
368
391
|
}
|
|
369
392
|
sig.loadSignature(signatureNode);
|
|
370
|
-
doc.
|
|
371
|
-
verified = verified && sig.checkSignature(doc.toString());
|
|
393
|
+
verified = sig.checkSignature(doc.toString());
|
|
372
394
|
// immediately throw error when any one of the signature is failed to get verified
|
|
373
395
|
if (!verified) {
|
|
374
|
-
|
|
396
|
+
return "continue";
|
|
397
|
+
// throw new Error('ERR_FAILED_TO_VERIFY_SIGNATURE');
|
|
375
398
|
}
|
|
376
|
-
|
|
399
|
+
// Require there to be at least one reference that was signed
|
|
400
|
+
if (!(sig.getSignedReferences().length >= 1)) {
|
|
401
|
+
throw new Error('NO_SIGNATURE_REFERENCES');
|
|
402
|
+
}
|
|
403
|
+
var signedVerifiedXML = sig.getSignedReferences()[0];
|
|
404
|
+
var rootNode = docParser.parseFromString(signedVerifiedXML, 'text/xml').documentElement;
|
|
405
|
+
// process the verified signature:
|
|
406
|
+
// case 1, rootSignedDoc is a response:
|
|
407
|
+
if (rootNode.localName === 'Response') {
|
|
408
|
+
// try getting the Xml from the first assertion
|
|
409
|
+
var assertions = (0, xpath_1.select)("./*[local-name()='Assertion']", rootNode);
|
|
410
|
+
var encryptedAssertions = (0, xpath_1.select)("./*[local-name()='EncryptedAssertion']", rootNode);
|
|
411
|
+
// now we can process the assertion as an assertion
|
|
412
|
+
if (assertions.length === 1) {
|
|
413
|
+
return { value: [true, assertions[0].toString()] };
|
|
414
|
+
}
|
|
415
|
+
else if (encryptedAssertions.length >= 1) {
|
|
416
|
+
return { value: [true, rootNode.toString()] };
|
|
417
|
+
}
|
|
418
|
+
else {
|
|
419
|
+
return { value: [true, null] };
|
|
420
|
+
}
|
|
421
|
+
}
|
|
422
|
+
else if (rootNode.localName === 'Assertion') {
|
|
423
|
+
return { value: [true, rootNode.toString()] };
|
|
424
|
+
}
|
|
425
|
+
else {
|
|
426
|
+
return { value: [true, null] };
|
|
427
|
+
}
|
|
428
|
+
};
|
|
429
|
+
var this_1 = this;
|
|
430
|
+
try {
|
|
431
|
+
// need to refactor later on
|
|
432
|
+
for (var selection_1 = __values(selection), selection_1_1 = selection_1.next(); !selection_1_1.done; selection_1_1 = selection_1.next()) {
|
|
433
|
+
var signatureNode = selection_1_1.value;
|
|
434
|
+
var state_1 = _loop_1(signatureNode);
|
|
435
|
+
if (typeof state_1 === "object")
|
|
436
|
+
return state_1.value;
|
|
437
|
+
}
|
|
438
|
+
}
|
|
439
|
+
catch (e_1_1) { e_1 = { error: e_1_1 }; }
|
|
440
|
+
finally {
|
|
441
|
+
try {
|
|
442
|
+
if (selection_1_1 && !selection_1_1.done && (_a = selection_1.return)) _a.call(selection_1);
|
|
443
|
+
}
|
|
444
|
+
finally { if (e_1) throw e_1.error; }
|
|
445
|
+
}
|
|
446
|
+
;
|
|
447
|
+
return [false, null]; // we didn't verify anything, none of the signatures are valid
|
|
448
|
+
/*
|
|
377
449
|
// response must be signed, either entire document or assertion
|
|
378
450
|
// default we will take the assertion section under root
|
|
379
451
|
if (messageSignatureNode.length === 1) {
|
|
380
|
-
|
|
381
|
-
|
|
382
|
-
|
|
383
|
-
|
|
452
|
+
const node = select("/*[contains(local-name(), 'Response') or contains(local-name(), 'Request')]/*[local-name(.)='Assertion']", doc);
|
|
453
|
+
if (node.length === 1) {
|
|
454
|
+
assertionNode = node[0].toString();
|
|
455
|
+
}
|
|
384
456
|
}
|
|
457
|
+
|
|
385
458
|
if (assertionSignatureNode.length === 1) {
|
|
386
|
-
|
|
387
|
-
|
|
388
|
-
|
|
389
|
-
|
|
390
|
-
|
|
391
|
-
|
|
392
|
-
|
|
393
|
-
|
|
394
|
-
|
|
395
|
-
|
|
396
|
-
|
|
397
|
-
|
|
398
|
-
|
|
399
|
-
|
|
400
|
-
|
|
401
|
-
|
|
402
|
-
|
|
403
|
-
|
|
404
|
-
|
|
405
|
-
|
|
406
|
-
|
|
407
|
-
|
|
408
|
-
|
|
409
|
-
|
|
410
|
-
|
|
411
|
-
|
|
412
|
-
|
|
413
|
-
|
|
414
|
-
|
|
459
|
+
const verifiedAssertionInfo = extract(assertionSignatureNode[0].toString(), [{
|
|
460
|
+
key: 'refURI',
|
|
461
|
+
localPath: ['Signature', 'SignedInfo', 'Reference'],
|
|
462
|
+
attributes: ['URI']
|
|
463
|
+
}]);
|
|
464
|
+
// get the assertion supposed to be the one should be verified
|
|
465
|
+
const desiredAssertionInfo = extract(doc.toString(), [{
|
|
466
|
+
key: 'id',
|
|
467
|
+
localPath: ['~Response', 'Assertion'],
|
|
468
|
+
attributes: ['ID']
|
|
469
|
+
}]);
|
|
470
|
+
// 5.4.2 References
|
|
471
|
+
// SAML assertions and protocol messages MUST supply a value for the ID attribute on the root element of
|
|
472
|
+
// the assertion or protocol message being signed. The assertion’s or protocol message's root element may
|
|
473
|
+
// or may not be the root element of the actual XML document containing the signed assertion or protocol
|
|
474
|
+
// message (e.g., it might be contained within a SOAP envelope).
|
|
475
|
+
// Signatures MUST contain a single <ds:Reference> containing a same-document reference to the ID
|
|
476
|
+
// attribute value of the root element of the assertion or protocol message being signed. For example, if the
|
|
477
|
+
// ID attribute value is "foo", then the URI attribute in the <ds:Reference> element MUST be "#foo".
|
|
478
|
+
if (verifiedAssertionInfo.refURI !== `#${desiredAssertionInfo.id}`) {
|
|
479
|
+
throw new Error('ERR_POTENTIAL_WRAPPING_ATTACK');
|
|
480
|
+
}
|
|
481
|
+
const verifiedDoc = extract(doc.toString(), [{
|
|
482
|
+
key: 'assertion',
|
|
483
|
+
localPath: ['~Response', 'Assertion'],
|
|
484
|
+
attributes: [],
|
|
485
|
+
context: true
|
|
486
|
+
}]);
|
|
487
|
+
assertionNode = verifiedDoc.assertion.toString();
|
|
415
488
|
}
|
|
416
|
-
|
|
489
|
+
|
|
490
|
+
return [verified, assertionNode];*/
|
|
417
491
|
},
|
|
418
492
|
/**
|
|
419
493
|
* @desc Helper function to create the key section in metadata (abstraction for signing and encrypt use)
|
|
@@ -484,12 +558,14 @@ var libSaml = function () {
|
|
|
484
558
|
*/
|
|
485
559
|
getKeyInfo: function (x509Certificate, signatureConfig) {
|
|
486
560
|
if (signatureConfig === void 0) { signatureConfig = {}; }
|
|
487
|
-
|
|
488
|
-
|
|
489
|
-
|
|
490
|
-
|
|
491
|
-
|
|
492
|
-
|
|
561
|
+
var prefix = signatureConfig.prefix ? "".concat(signatureConfig.prefix, ":") : '';
|
|
562
|
+
return {
|
|
563
|
+
getKeyInfo: function () {
|
|
564
|
+
return "<".concat(prefix, "X509Data><").concat(prefix, "X509Certificate>").concat(x509Certificate, "</").concat(prefix, "X509Certificate></").concat(prefix, "X509Data>");
|
|
565
|
+
},
|
|
566
|
+
getKey: function () {
|
|
567
|
+
return utility_1.default.getPublicKeyPemFromCertificate(x509Certificate).toString();
|
|
568
|
+
},
|
|
493
569
|
};
|
|
494
570
|
},
|
|
495
571
|
/**
|
|
@@ -592,7 +668,7 @@ var libSaml = function () {
|
|
|
592
668
|
*/
|
|
593
669
|
isValidXml: function (input) {
|
|
594
670
|
return __awaiter(this, void 0, void 0, function () {
|
|
595
|
-
var validate,
|
|
671
|
+
var validate, e_2;
|
|
596
672
|
return __generator(this, function (_a) {
|
|
597
673
|
switch (_a.label) {
|
|
598
674
|
case 0:
|
|
@@ -613,8 +689,8 @@ var libSaml = function () {
|
|
|
613
689
|
return [4 /*yield*/, validate(input)];
|
|
614
690
|
case 2: return [2 /*return*/, _a.sent()];
|
|
615
691
|
case 3:
|
|
616
|
-
|
|
617
|
-
throw
|
|
692
|
+
e_2 = _a.sent();
|
|
693
|
+
throw e_2;
|
|
618
694
|
case 4: return [2 /*return*/];
|
|
619
695
|
}
|
|
620
696
|
});
|
package/build/src/libsaml.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"libsaml.js","sourceRoot":"","sources":["../../src/libsaml.ts"],"names":[],"mappings":";AAAA;;;;EAIE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEF,mDAA2D;AAC3D,6BAAuD;AACvD,+BAA+B;AAE/B,sDAAmD;AACnD,yCAAoD;AACpD,+DAAmD;AACnD,yCAAsC;AACtC,wDAAkC;AAClC,6BAAmC;AACnC,0DAAmC;AAEnC,IAAM,mBAAmB,GAAG,gBAAU,CAAC,SAAS,CAAC;AACjD,IAAM,gBAAgB,GAAG,gBAAU,CAAC,MAAM,CAAC;AAC3C,IAAM,OAAO,GAAG,aAAO,CAAC,OAAO,CAAC;AAChC,IAAM,SAAS,GAAG,aAAO,CAAC,SAAS,CAAC;AA6FpC,IAAM,OAAO,GAAG;IAEd;;;MAGE;IACF,SAAS,mBAAmB,CAAC,IAAY;QACvC,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,SAAS,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE;YACzE,OAAO,aAAa,CAAC;SACtB;QACD,IAAI,CAAC,SAAS,CAAC,cAAc,EAAE,SAAS,CAAC,YAAY,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE;YAC3E,OAAO,cAAc,CAAC;SACvB;QACD,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;IAChD,CAAC;IACD;;OAEG;IACH,IAAM,gBAAgB,GAAG;QACvB,4CAA4C,EAAE,YAAY;QAC1D,mDAAmD,EAAE,cAAc;QACnE,mDAAmD,EAAE,cAAc;KACpE,CAAC;IACF;;;MAGE;IACF,IAAM,2BAA2B,GAAG;QAClC,OAAO,EAAE,4cAA4c;KACtd,CAAC;IACF;;;MAGE;IACF,IAAM,4BAA4B,GAAG;QACnC,OAAO,EAAE,mUAAmU;KAC7U,CAAC;IAEF;;;MAGE;IACF,IAAM,iCAAiC,GAAG;QACxC,OAAO,EAAE,iEAAiE;KAC3E,CAAC;IAEF;;;MAGE;IACF,IAAM,wBAAwB,GAAG;QAC/B,OAAO,EAAE,6MAA6M;KACvN,CAAC;IAEF;;;MAGE;IACF,IAAM,4BAA4B,GAAG;QACnC,OAAO,EAAE,qrCAAqrC;QAC9rC,UAAU,EAAE,EAAE;QACd,mBAAmB,EAAE;YACnB,4BAA4B,EAAE,iCAAiC;YAC/D,mBAAmB,EAAE,wBAAwB;SAC9C;KACF,CAAC;IACF;;;MAGE;IACF,IAAM,6BAA6B,GAAG;QACpC,OAAO,EAAE,6WAA6W;KACvX,CAAC;IACF;;;;;MAKE;IACF,SAAS,gBAAgB,CAAC,MAAe;QACvC,IAAI,MAAM,EAAE;YACV,IAAM,QAAQ,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAC;YAC1C,IAAI,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,EAAE;gBAC7B,OAAO,QAAQ,CAAC;aACjB;SACF;QACD,OAAO,gBAAgB,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC;IACxD,CAAC;IACD;;;;;MAKE;IACF,SAAS,eAAe,CAAC,MAAc;QACrC,OAAO,gBAAgB,CAAC,MAAM,CAAC,CAAC;IAClC,CAAC;IACD;;;;;;MAME;IACF,SAAS,WAAW,CAAC,KAAK,EAAE,YAAsB;QAChD,IAAI,IAAA,kBAAQ,EAAC,KAAK,CAAC,EAAE;YACnB,OAAO,YAAY,KAAK,IAAI,CAAC,CAAC,CAAC,qBAAqB,GAAG,KAAK,GAAG,WAAW,CAAC,CAAC,CAAC,qBAAqB,GAAG,KAAK,GAAG,IAAI,CAAC;SACnH;QACD,OAAO,qBAAqB,GAAG,KAAK,CAAC,IAAI,GAAG,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC;IAClE,CAAC;IAED;;;;;;OAMG;IACH,SAAS,OAAO,CAAC,MAAc,EAAE,OAAe;QAC9C,IAAM,YAAY,GAAG,IAAA,mBAAS,EAAC,OAAO,EAAE,EAAC,MAAM,EAAE,OAAO,EAAC,CAAC,CAAC;QAC3D,OAAO,MAAM,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAC/E,CAAC;IAED,SAAS,SAAS,CAAC,WAAoB;QACrC,OAAO,UAAC,MAAc,EAAE,KAAc;YACpC,IAAM,IAAI,GAAW,CAAC,WAAW,KAAK,IAAI,IAAI,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;YAEpG,oGAAoG;YACpG,OAAO,KAAK,CAAC,CAAC,CAAC,UAAG,KAAK,SAAG,IAAA,oBAAS,EAAC,IAAI,CAAC,CAAE,CAAC,CAAC,CAAC,IAAI,CAAC;QACrD,CAAC,CAAA;IACH,CAAC;IAED,OAAO;QAEL,WAAW,aAAA;QACX,mBAAmB,qBAAA;QACnB,2BAA2B,6BAAA;QAC3B,4BAA4B,8BAAA;QAC5B,iCAAiC,mCAAA;QACjC,wBAAwB,0BAAA;QACxB,4BAA4B,8BAAA;QAC5B,6BAA6B,+BAAA;QAE7B;;;;;UAKE;QACF,kBAAkB,YAAC,MAAc,EAAE,SAAkC;YACnE,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,UAAA,CAAC;gBAC9B,MAAM,GAAG,MAAM,CAAC,OAAO,CACrB,IAAI,MAAM,CAAC,kBAAU,CAAC,QAAK,EAAE,GAAG,CAAC,EACjC,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CACxB,CAAC;YACJ,CAAC,CAAC,CAAC;YACH,OAAO,MAAM,CAAC;QAChB,CAAC;QACD;;;;;;UAME;QACF,yBAAyB,YACvB,UAAoC,EACpC,iBAA+D,EAC/D,0BAA0F;YAD1F,kCAAA,EAAA,4CAA+D;YAC/D,2CAAA,EAAA,8DAA0F;YAE1F,IAAM,IAAI,GAAG,UAAU,CAAC,GAAG,CAAC,UAAC,EAAyE;oBAAvE,IAAI,UAAA,EAAE,UAAU,gBAAA,EAAE,QAAQ,cAAA,EAAE,YAAY,kBAAA,EAAE,YAAY,kBAAA,EAAE,aAAa,mBAAA;gBAClG,IAAM,mBAAmB,GAAG,kCAAkC,CAAC;gBAC/D,IAAM,oBAAoB,GAAG,2CAA2C,CAAC;gBACzE,IAAI,aAAa,GAAG,iBAAiB,CAAC,OAAO,CAAC;gBAC9C,aAAa,GAAG,aAAa,CAAC,OAAO,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;gBACtD,aAAa,GAAG,aAAa,CAAC,OAAO,CAAC,cAAc,EAAE,UAAU,CAAC,CAAC;gBAClE,aAAa,GAAG,aAAa,CAAC,OAAO,CAAC,gBAAgB,EAAE,YAAY,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,mBAAmB,CAAC,CAAC;gBAC3G,aAAa,GAAG,aAAa,CAAC,OAAO,CAAC,iBAAiB,EAAE,aAAa,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC;gBAC/G,aAAa,GAAG,aAAa,CAAC,OAAO,CAAC,gBAAgB,EAAE,YAAY,CAAC,CAAC;gBACtE,aAAa,GAAG,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,WAAI,OAAO,CAAC,MAAM,EAAE,QAAQ,CAAC,MAAG,CAAC,CAAC;gBACnF,OAAO,aAAa,CAAC;YACvB,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACZ,OAAO,0BAA0B,CAAC,OAAO,CAAC,OAAO,CAAC,cAAc,EAAE,IAAI,CAAC,CAAC;QAC1E,CAAC;QAED;;;;;;;;;;UAUE;QACF,sBAAsB,YAAC,IAA0B;YAE7C,IAAA,cAAc,GAaZ,IAAI,eAbQ,EACd,iBAAiB,GAYf,IAAI,kBAZW,EACjB,UAAU,GAWR,IAAI,WAXI,EACV,cAAc,GAUZ,IAAI,eAVQ,EACd,KASE,IAAI,mBAT6C,EAAnD,kBAAkB,mBAAG,mBAAmB,CAAC,UAAU,KAAA,EACnD,KAQE,IAAI,yBALL,EAHD,wBAAwB,mBAAG;gBACzB,uDAAuD;gBACvD,yCAAyC;aAC1C,KAAA,EACD,WAAW,GAIT,IAAI,YAJK,EACX,eAAe,GAGb,IAAI,gBAHS,EACf,KAEE,IAAI,eAFe,EAArB,cAAc,mBAAG,IAAI,KAAA,EACrB,KACE,IAAI,gBADiB,EAAvB,eAAe,mBAAG,KAAK,KAAA,CAChB;YACT,IAAM,GAAG,GAAG,IAAI,sBAAS,EAAE,CAAC;YAC5B,sCAAsC;YACtC,IAAI,iBAAiB,EAAE;gBACrB,GAAG,CAAC,YAAY,CACd,iBAAiB,EACjB,wBAAwB,EACxB,eAAe,CAAC,kBAAkB,CAAC,CACpC,CAAC;aACH;YACD,IAAI,eAAe,EAAE;gBACnB,GAAG,CAAC,YAAY;gBACd,6BAA6B;gBAC7B,IAAI,EACJ,wBAAwB,EACxB,eAAe,CAAC,kBAAkB,CAAC,EACnC,EAAE,EACF,EAAE,EACF,EAAE,EACF,KAAK,CACN,CAAC;aACH;YACD,GAAG,CAAC,kBAAkB,GAAG,kBAAkB,CAAC;YAC5C,GAAG,CAAC,eAAe,GAAG,IAAI,IAAI,CAAC,UAAU,CAAC,WAAW,EAAE,eAAe,CAAC,CAAC;YACxE,GAAG,CAAC,UAAU,GAAG,iBAAO,CAAC,cAAc,CAAC,UAAU,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;YAC1E,IAAI,eAAe,EAAE;gBACnB,GAAG,CAAC,gBAAgB,CAAC,cAAc,EAAE,eAAe,CAAC,CAAC;aACvD;iBAAM;gBACL,GAAG,CAAC,gBAAgB,CAAC,cAAc,CAAC,CAAC;aACtC;YACD,OAAO,cAAc,KAAK,KAAK,CAAC,CAAC,CAAC,iBAAO,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC;QAClG,CAAC;QACD;;;;;UAKE;QACF,eAAe,YAAC,GAAW,EAAE,IAA8B;YAA3D,iBA+IC;YA9IS,IAAA,GAAG,GAAK,IAAA,gBAAU,GAAE,IAAjB,CAAkB;YAC7B,IAAM,GAAG,GAAG,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;YACrC,iIAAiI;YACjI,sDAAsD;YACtD,IAAM,qBAAqB,GAAG,0GAA0G,CAAC;YACzI,wDAAwD;YACxD,IAAM,uBAAuB,GAAG,uIAAuI,CAAC;YACxK,6DAA6D;YAC7D,IAAM,qBAAqB,GAAG,6OAA6O,CAAC;YAE5Q,4BAA4B;YAC5B,IAAI,SAAS,GAAQ,EAAE,CAAC;YACxB,IAAI,aAAa,GAAkB,IAAI,CAAC;YACxC,IAAM,oBAAoB,GAAG,IAAA,cAAM,EAAC,qBAAqB,EAAE,GAAG,CAAC,CAAC;YAChE,IAAM,sBAAsB,GAAG,IAAA,cAAM,EAAC,uBAAuB,EAAE,GAAG,CAAC,CAAC;YACpE,IAAM,mBAAmB,GAAG,IAAA,cAAM,EAAC,qBAAqB,EAAE,GAAG,CAAC,CAAC;YAE/D,SAAS,GAAG,SAAS,CAAC,MAAM,CAAC,oBAAoB,CAAC,CAAC;YACnD,SAAS,GAAG,SAAS,CAAC,MAAM,CAAC,sBAAsB,CAAC,CAAC;YAErD,yCAAyC;YACzC,IAAI,mBAAmB,CAAC,MAAM,KAAK,CAAC,EAAE;gBACpC,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;aAClD;YAED,iDAAiD;YACjD,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE;gBAC1B,MAAM,IAAI,KAAK,CAAC,oBAAoB,CAAC,CAAC;aACvC;YAED,IAAM,GAAG,GAAG,IAAI,sBAAS,EAAE,CAAC;YAC5B,IAAI,QAAQ,GAAG,IAAI,CAAC;YACpB,4BAA4B;YAC5B,SAAS,CAAC,OAAO,CAAC,UAAA,aAAa;gBAE7B,GAAG,CAAC,kBAAkB,GAAG,IAAI,CAAC,kBAAmB,CAAC;gBAElD,IAAI,CAAC,IAAI,CAAC,OAAO,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE;oBACnC,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;iBAC7D;gBAED,IAAI,IAAI,CAAC,OAAO,EAAE;oBAChB,GAAG,CAAC,eAAe,GAAG,IAAI,wBAAW,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;iBACrD;gBAED,IAAI,IAAI,CAAC,QAAQ,EAAE;oBAEjB,IAAM,eAAe,GAAG,IAAA,cAAM,EAAC,uCAAuC,EAAE,aAAa,CAAQ,CAAC;oBAC9F,0BAA0B;oBAC1B,IAAI,YAAY,GAAQ,IAAI,CAAC,QAAQ,CAAC,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;oBAC1E,oEAAoE;oBACpE,IAAI,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE;wBAC/B,YAAY,GAAG,IAAA,qBAAW,EAAC,YAAY,CAAC,CAAC;qBAC1C;yBAAM,IAAI,OAAO,YAAY,KAAK,QAAQ,EAAE;wBAC3C,YAAY,GAAG,CAAC,YAAY,CAAC,CAAC;qBAC/B;oBACD,mCAAmC;oBACnC,YAAY,GAAG,YAAY,CAAC,GAAG,CAAC,iBAAO,CAAC,kBAAkB,CAAC,CAAC;oBAE5D,gDAAgD;oBAChD,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE;wBAC7D,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;qBAC5C;oBAED,+BAA+B;oBAC/B,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE;wBAChC,IAAM,mBAAmB,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC;wBAC/D,IAAM,iBAAe,GAAG,iBAAO,CAAC,kBAAkB,CAAC,mBAAmB,CAAC,CAAC;wBAExE,IACE,YAAY,CAAC,MAAM,IAAI,CAAC;4BACxB,CAAC,YAAY,CAAC,IAAI,CAAC,UAAA,IAAI,IAAI,OAAA,IAAI,CAAC,IAAI,EAAE,KAAK,iBAAe,CAAC,IAAI,EAAE,EAAtC,CAAsC,CAAC,EAClE;4BACA,sDAAsD;4BACtD,8EAA8E;4BAC9E,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;yBACtE;wBAED,GAAG,CAAC,eAAe,GAAG,IAAI,KAAI,CAAC,UAAU,CAAC,iBAAe,CAAC,CAAC;qBAE5D;yBAAM;wBACL,iCAAiC;wBACjC,GAAG,CAAC,eAAe,GAAG,IAAI,KAAI,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC;qBAC5D;iBAEF;gBAED,GAAG,CAAC,aAAa,CAAC,aAAa,CAAC,CAAC;gBAEjC,GAAG,CAAC,WAAW,CAAC,aAAa,CAAC,CAAC;gBAE/B,QAAQ,GAAG,QAAQ,IAAI,GAAG,CAAC,cAAc,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;gBAE1D,kFAAkF;gBAClF,IAAI,CAAC,QAAQ,EAAE;oBACb,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;iBACnD;YAEH,CAAC,CAAC,CAAC;YAEH,+DAA+D;YAC/D,wDAAwD;YACxD,IAAI,oBAAoB,CAAC,MAAM,KAAK,CAAC,EAAE;gBACrC,IAAM,IAAI,GAAG,IAAA,cAAM,EAAC,0GAA0G,EAAE,GAAG,CAAC,CAAC;gBACrI,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE;oBACrB,aAAa,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC;iBACpC;aACF;YAED,IAAI,sBAAsB,CAAC,MAAM,KAAK,CAAC,EAAE;gBACvC,IAAM,qBAAqB,GAAG,IAAA,mBAAO,EAAC,sBAAsB,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC;wBAC3E,GAAG,EAAE,QAAQ;wBACb,SAAS,EAAE,CAAC,WAAW,EAAE,YAAY,EAAE,WAAW,CAAC;wBACnD,UAAU,EAAE,CAAC,KAAK,CAAC;qBACpB,CAAC,CAAC,CAAC;gBACJ,8DAA8D;gBAC9D,IAAM,oBAAoB,GAAG,IAAA,mBAAO,EAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,CAAC;wBACpD,GAAG,EAAE,IAAI;wBACT,SAAS,EAAE,CAAC,WAAW,EAAE,WAAW,CAAC;wBACrC,UAAU,EAAE,CAAC,IAAI,CAAC;qBACnB,CAAC,CAAC,CAAC;gBACJ,mBAAmB;gBACnB,wGAAwG;gBACxG,yGAAyG;gBACzG,wGAAwG;gBACxG,gEAAgE;gBAChE,iGAAiG;gBACjG,6GAA6G;gBAC7G,oGAAoG;gBACpG,IAAI,qBAAqB,CAAC,MAAM,KAAK,WAAI,oBAAoB,CAAC,EAAE,CAAE,EAAE;oBAClE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;iBAClD;gBACD,IAAM,WAAW,GAAG,IAAA,mBAAO,EAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,CAAC;wBAC3C,GAAG,EAAE,WAAW;wBAChB,SAAS,EAAE,CAAC,WAAW,EAAE,WAAW,CAAC;wBACrC,UAAU,EAAE,EAAE;wBACd,OAAO,EAAE,IAAI;qBACd,CAAC,CAAC,CAAC;gBACJ,aAAa,GAAG,WAAW,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC;aAClD;YAED,OAAO,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;QACnC,CAAC;QACD;;;;;UAKE;QACF,gBAAgB,YAAC,GAAW,EAAE,UAA2B;;YACvD;gBACE,GAAC,eAAe,IAAG;oBACjB;wBACE,KAAK,EAAE,EAAE,GAAG,KAAA,EAAE;qBACf;;wBAEC,GAAC,YAAY,IAAG;4BACd;gCACE,KAAK,EAAE;oCACL,UAAU,EAAE,oCAAoC;iCACjD;6BACF;;gCAEC,GAAC,aAAa,IAAG,CAAC;wCAChB,oBAAoB,EAAE,iBAAO,CAAC,kBAAkB,CAAC,UAAU,CAAC;qCAC7D,CAAC;;yBAEL;;iBACD;mBACJ;QACJ,CAAC;QACD;;;;;;;UAOE;QACF,yBAAyB,YACvB,WAAmB,EACnB,GAAW,EACX,UAAmB,EACnB,QAAkB,EAClB,gBAAyB;YAEzB,6CAA6C;YAC7C,6BAA6B;YAC7B,IAAM,YAAY,GAAG,IAAI,kBAAI,CAC3B,iBAAO,CAAC,cAAc,CAAC,GAAG,EAAE,UAAU,CAAC,EACvC,SAAS,EACT;gBACE,aAAa,EAAE,gBAAgB,CAAC,gBAAgB,CAAC;aAClD,CACF,CAAC;YACF,IAAM,SAAS,GAAG,YAAY,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YACjD,+BAA+B;YAC/B,OAAO,QAAQ,KAAK,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QACvE,CAAC;QACD;;;;;;;UAOE;QACF,sBAAsB,YACpB,QAAQ,EACR,WAAmB,EACnB,SAA0B,EAC1B,eAAwB;YAExB,IAAM,QAAQ,GAAG,QAAQ,CAAC,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YAC9D,IAAM,aAAa,GAAG,gBAAgB,CAAC,eAAe,CAAC,CAAC;YACxD,IAAM,GAAG,GAAG,IAAI,kBAAI,CAAC,iBAAO,CAAC,8BAA8B,CAAC,QAAQ,CAAC,EAAE,QAAQ,EAAE,EAAE,aAAa,eAAA,EAAE,CAAC,CAAC;YACpG,OAAO,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;QACtE,CAAC;QACD;;;;UAIE;QACF,UAAU,YAAC,eAAuB,EAAE,eAAyB;YAAzB,gCAAA,EAAA,oBAAyB;YAC3D,IAAI,CAAC,UAAU,GAAG,UAAA,GAAG;gBACnB,IAAM,MAAM,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,UAAG,eAAe,CAAC,MAAM,MAAG,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC1E,OAAO,WAAI,MAAM,uBAAa,MAAM,6BAAmB,eAAe,eAAK,MAAM,+BAAqB,MAAM,cAAW,CAAC;YAC1H,CAAC,CAAC;YACF,IAAI,CAAC,MAAM,GAAG,UAAA,OAAO;gBACnB,OAAO,iBAAO,CAAC,8BAA8B,CAAC,eAAe,CAAC,CAAC,QAAQ,EAAE,CAAC;YAC5E,CAAC,CAAC;QACJ,CAAC;QACD;;;;;;UAME;QACF,gBAAgB,YAAC,YAAY,EAAE,YAAY,EAAE,GAAY;YACvD,iDAAiD;YACjD,OAAO,IAAI,OAAO,CAAS,UAAC,OAAO,EAAE,MAAM;gBAEzC,IAAI,CAAC,GAAG,EAAE;oBACR,OAAO,MAAM,CAAC,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC,CAAC;iBACrD;gBAED,IAAM,mBAAmB,GAAG,YAAY,CAAC,aAAa,CAAC;gBACvD,IAAM,oBAAoB,GAAG,YAAY,CAAC,UAAU,CAAC;gBAC7C,IAAA,GAAG,GAAK,IAAA,gBAAU,GAAE,IAAjB,CAAkB;gBAC7B,IAAM,GAAG,GAAG,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;gBACrC,IAAM,UAAU,GAAG,IAAA,cAAM,EAAC,gCAAgC,EAAE,GAAG,CAAW,CAAC;gBAC3E,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE;oBACzD,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;iBACrC;gBACD,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE;oBACzB,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;iBAC3C;gBACD,IAAM,gBAAgB,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;gBAEvC,8DAA8D;gBAC9D,IAAI,mBAAmB,CAAC,oBAAoB,EAAE;oBAE5C,IAAM,YAAY,GAAG,iBAAO,CAAC,8BAA8B,CAAC,oBAAoB,CAAC,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC;oBAEtH,MAAM,CAAC,OAAO,CAAC,gBAAgB,CAAC,QAAQ,EAAE,EAAE;wBAC1C,4BAA4B;wBAC5B,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC;wBAClC,GAAG,EAAE,MAAM,CAAC,IAAI,CAAC,qCAA8B,oBAAoB,CAAC,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC,8BAA2B,CAAC;wBACnI,mBAAmB,EAAE,mBAAmB,CAAC,uBAAuB;wBAChE,sBAAsB,EAAE,mBAAmB,CAAC,sBAAsB;qBACnE,EAAE,UAAC,GAAG,EAAE,GAAG;wBACV,IAAI,GAAG,EAAE;4BACP,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;4BACnB,OAAO,MAAM,CAAC,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC,CAAC;yBACnE;wBACD,IAAI,CAAC,GAAG,EAAE;4BACR,OAAO,MAAM,CAAC,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC,CAAC;yBAC/D;wBACO,IAAoB,kBAAkB,GAAK,mBAAmB,CAAC,SAAS,mBAAlC,CAAmC;wBACjF,IAAM,mBAAmB,GAAG,GAAG,CAAC,eAAe,CAAC,WAAI,kBAAkB,uCAA6B,kBAAkB,gBAAK,eAAS,CAAC,KAAK,CAAC,SAAS,gBAAK,GAAG,eAAK,kBAAkB,yBAAsB,CAAC,CAAC;wBAC1M,GAAG,CAAC,eAAe,CAAC,YAAY,CAAC,mBAAmB,CAAC,eAAe,EAAE,gBAAgB,CAAC,CAAC;wBACxF,OAAO,OAAO,CAAC,iBAAO,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;oBACvD,CAAC,CAAC,CAAC;iBACJ;qBAAM;oBACL,OAAO,OAAO,CAAC,iBAAO,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,2BAA2B;iBACvE;YACH,CAAC,CAAC,CAAC;QACL,CAAC;QACD;;;;;;;UAOE;QACF,gBAAgB,YAAC,IAAI,EAAE,SAAiB;YACtC,OAAO,IAAI,OAAO,CAAgB,UAAC,OAAO,EAAE,MAAM;gBAChD,sDAAsD;gBACtD,IAAI,CAAC,SAAS,EAAE;oBACd,OAAO,MAAM,CAAC,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC,CAAC;iBACrD;gBACD,2FAA2F;gBAC3F,IAAM,WAAW,GAAG,IAAI,CAAC,aAAa,CAAC;gBAC/B,IAAA,GAAG,GAAM,IAAA,gBAAU,GAAE,IAAlB,CAAmB;gBAC9B,IAAM,GAAG,GAAG,GAAG,CAAC,eAAe,CAAC,SAAS,CAAC,CAAC;gBAC3C,IAAM,mBAAmB,GAAG,IAAA,cAAM,EAAC,8EAA8E,EAAE,GAAG,CAAW,CAAC;gBAClI,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,mBAAmB,CAAC,IAAI,mBAAmB,CAAC,MAAM,KAAK,CAAC,EAAE;oBAC3E,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;iBACtD;gBACD,IAAI,mBAAmB,CAAC,MAAM,GAAG,CAAC,EAAE;oBAClC,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;iBAC3C;gBACD,IAAM,gBAAgB,GAAG,mBAAmB,CAAC,CAAC,CAAC,CAAC;gBAEhD,OAAO,MAAM,CAAC,OAAO,CAAC,gBAAgB,CAAC,QAAQ,EAAE,EAAE;oBACjD,GAAG,EAAE,iBAAO,CAAC,cAAc,CAAC,WAAW,CAAC,aAAa,EAAE,WAAW,CAAC,iBAAiB,CAAC;iBACtF,EAAE,UAAC,GAAG,EAAE,GAAG;oBACV,IAAI,GAAG,EAAE;wBACP,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;wBACnB,OAAO,MAAM,CAAC,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC,CAAC;qBACnE;oBACD,IAAI,CAAC,GAAG,EAAE;wBACR,OAAO,MAAM,CAAC,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC,CAAC;qBAC/D;oBACD,IAAM,eAAe,GAAG,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;oBACjD,GAAG,CAAC,eAAe,CAAC,YAAY,CAAC,eAAe,CAAC,eAAe,EAAE,gBAAgB,CAAC,CAAC;oBACpF,OAAO,OAAO,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC;gBACxC,CAAC,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;QACL,CAAC;QACD;;WAEG;QACG,UAAU,YAAC,KAAa;;;;;;4BAGpB,QAAQ,GAAK,IAAA,gBAAU,GAAE,SAAjB,CAAkB;4BAElC;;;;;+BAKG;4BACH,IAAI,CAAC,QAAQ,EAAE;gCAEb,qCAAqC;gCACrC,sBAAO,OAAO,CAAC,MAAM,CAAC,+LAA+L,CAAC,EAAC;6BAExN;;;;4BAGQ,qBAAM,QAAQ,CAAC,KAAK,CAAC,EAAA;gCAA5B,sBAAO,SAAqB,EAAC;;;4BAE7B,MAAM,GAAC,CAAC;;;;;SAGX;KACF,CAAC;AACJ,CAAC,CAAC;AAEF,kBAAe,OAAO,EAAE,CAAC"}
|
|
1
|
+
{"version":3,"file":"libsaml.js","sourceRoot":"","sources":["../../src/libsaml.ts"],"names":[],"mappings":";AAAA;;;;EAIE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEF,mDAA2D;AAC3D,6BAAuD;AACvD,+BAA+B;AAE/B,sDAAmD;AACnD,yCAAuC;AACvC,+DAAmD;AAEnD,wDAAkC;AAClC,6BAAmC;AACnC,0DAAmC;AACnC,qCAAyB;AACzB,yCAAyC;AAEzC,IAAM,mBAAmB,GAAG,gBAAU,CAAC,SAAS,CAAC;AACjD,IAAM,gBAAgB,GAAG,gBAAU,CAAC,MAAM,CAAC;AAC3C,IAAM,OAAO,GAAG,aAAO,CAAC,OAAO,CAAC;AAChC,IAAM,SAAS,GAAG,aAAO,CAAC,SAAS,CAAC;AA8FpC,IAAM,OAAO,GAAG;IAEd;;;MAGE;IACF,SAAS,mBAAmB,CAAC,IAAY;QACvC,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,SAAS,CAAC,WAAW,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE;YACzE,OAAO,aAAa,CAAC;SACtB;QACD,IAAI,CAAC,SAAS,CAAC,cAAc,EAAE,SAAS,CAAC,YAAY,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE;YAC3E,OAAO,cAAc,CAAC;SACvB;QACD,MAAM,IAAI,KAAK,CAAC,4BAA4B,CAAC,CAAC;IAChD,CAAC;IACD;;OAEG;IACH,IAAM,gBAAgB,GAAG;QACvB,4CAA4C,EAAE,YAAY;QAC1D,mDAAmD,EAAE,cAAc;QACnE,mDAAmD,EAAE,cAAc;KACpE,CAAC;IACF;;;MAGE;IACF,IAAM,2BAA2B,GAAG;QAClC,OAAO,EAAE,4cAA4c;KACtd,CAAC;IACF;;;MAGE;IACF,IAAM,4BAA4B,GAAG;QACnC,OAAO,EAAE,mUAAmU;KAC7U,CAAC;IAEF;;;MAGE;IACF,IAAM,iCAAiC,GAAG;QACxC,OAAO,EAAE,iEAAiE;KAC3E,CAAC;IAEF;;;MAGE;IACF,IAAM,wBAAwB,GAAG;QAC/B,OAAO,EAAE,6MAA6M;KACvN,CAAC;IAEF;;;MAGE;IACF,IAAM,4BAA4B,GAAG;QACnC,OAAO,EAAE,qrCAAqrC;QAC9rC,UAAU,EAAE,EAAE;QACd,mBAAmB,EAAE;YACnB,4BAA4B,EAAE,iCAAiC;YAC/D,mBAAmB,EAAE,wBAAwB;SAC9C;KACF,CAAC;IACF;;;MAGE;IACF,IAAM,6BAA6B,GAAG;QACpC,OAAO,EAAE,6WAA6W;KACvX,CAAC;IACF;;;;;MAKE;IACF,SAAS,gBAAgB,CAAC,MAAe;QACvC,IAAI,MAAM,EAAE;YACV,IAAM,QAAQ,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAC;YAC1C,IAAI,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,EAAE;gBAC7B,OAAO,QAAQ,CAAC;aACjB;SACF;QACD,OAAO,gBAAgB,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC;IACxD,CAAC;IACD;;;;;MAKE;IACF,SAAS,eAAe,CAAC,MAAc;QACrC,OAAO,gBAAgB,CAAC,MAAM,CAAC,CAAC;IAClC,CAAC;IACD;;;;;;MAME;IACF,SAAS,WAAW,CAAC,KAAK,EAAE,YAAsB;QAChD,IAAI,IAAA,kBAAQ,EAAC,KAAK,CAAC,EAAE;YACnB,OAAO,YAAY,KAAK,IAAI,CAAC,CAAC,CAAC,qBAAqB,GAAG,KAAK,GAAG,WAAW,CAAC,CAAC,CAAC,qBAAqB,GAAG,KAAK,GAAG,IAAI,CAAC;SACnH;QACD,OAAO,qBAAqB,GAAG,KAAK,CAAC,IAAI,GAAG,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC;IAClE,CAAC;IAED;;;;;;OAMG;IACH,SAAS,OAAO,CAAC,MAAc,EAAE,OAAe;QAC9C,IAAM,YAAY,GAAG,IAAA,mBAAS,EAAC,OAAO,EAAE,EAAC,MAAM,EAAE,OAAO,EAAC,CAAC,CAAC;QAC3D,OAAO,MAAM,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAC/E,CAAC;IAED,SAAS,SAAS,CAAC,WAAoB;QACrC,OAAO,UAAC,MAAc,EAAE,KAAc;YACpC,IAAM,IAAI,GAAW,CAAC,WAAW,KAAK,IAAI,IAAI,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;YAEpG,oGAAoG;YACpG,OAAO,KAAK,CAAC,CAAC,CAAC,UAAG,KAAK,SAAG,IAAA,oBAAS,EAAC,IAAI,CAAC,CAAE,CAAC,CAAC,CAAC,IAAI,CAAC;QACrD,CAAC,CAAA;IACH,CAAC;IAED,OAAO;QAEL,WAAW,aAAA;QACX,mBAAmB,qBAAA;QACnB,2BAA2B,6BAAA;QAC3B,4BAA4B,8BAAA;QAC5B,iCAAiC,mCAAA;QACjC,wBAAwB,0BAAA;QACxB,4BAA4B,8BAAA;QAC5B,6BAA6B,+BAAA;QAE7B;;;;;UAKE;QACF,kBAAkB,YAAC,MAAc,EAAE,SAAkC;YACnE,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,OAAO,CAAC,UAAA,CAAC;gBAC9B,MAAM,GAAG,MAAM,CAAC,OAAO,CACrB,IAAI,MAAM,CAAC,kBAAU,CAAC,QAAK,EAAE,GAAG,CAAC,EACjC,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CACxB,CAAC;YACJ,CAAC,CAAC,CAAC;YACH,OAAO,MAAM,CAAC;QAChB,CAAC;QACD;;;;;;UAME;QACF,yBAAyB,YACvB,UAAoC,EACpC,iBAA+D,EAC/D,0BAA0F;YAD1F,kCAAA,EAAA,4CAA+D;YAC/D,2CAAA,EAAA,8DAA0F;YAE1F,IAAM,IAAI,GAAG,UAAU,CAAC,GAAG,CAAC,UAAC,EAAyE;oBAAvE,IAAI,UAAA,EAAE,UAAU,gBAAA,EAAE,QAAQ,cAAA,EAAE,YAAY,kBAAA,EAAE,YAAY,kBAAA,EAAE,aAAa,mBAAA;gBAClG,IAAM,mBAAmB,GAAG,kCAAkC,CAAC;gBAC/D,IAAM,oBAAoB,GAAG,2CAA2C,CAAC;gBACzE,IAAI,aAAa,GAAG,iBAAiB,CAAC,OAAO,CAAC;gBAC9C,aAAa,GAAG,aAAa,CAAC,OAAO,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;gBACtD,aAAa,GAAG,aAAa,CAAC,OAAO,CAAC,cAAc,EAAE,UAAU,CAAC,CAAC;gBAClE,aAAa,GAAG,aAAa,CAAC,OAAO,CAAC,gBAAgB,EAAE,YAAY,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,mBAAmB,CAAC,CAAC;gBAC3G,aAAa,GAAG,aAAa,CAAC,OAAO,CAAC,iBAAiB,EAAE,aAAa,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC;gBAC/G,aAAa,GAAG,aAAa,CAAC,OAAO,CAAC,gBAAgB,EAAE,YAAY,CAAC,CAAC;gBACtE,aAAa,GAAG,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE,WAAI,OAAO,CAAC,MAAM,EAAE,QAAQ,CAAC,MAAG,CAAC,CAAC;gBACnF,OAAO,aAAa,CAAC;YACvB,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACZ,OAAO,0BAA0B,CAAC,OAAO,CAAC,OAAO,CAAC,cAAc,EAAE,IAAI,CAAC,CAAC;QAC1E,CAAC;QAED;;;;;;;;;;UAUE;QACF,sBAAsB,YAAC,IAA0B;YAE7C,IAAA,cAAc,GAaZ,IAAI,eAbQ,EACd,iBAAiB,GAYf,IAAI,kBAZW,EACjB,UAAU,GAWR,IAAI,WAXI,EACV,cAAc,GAUZ,IAAI,eAVQ,EACd,KASE,IAAI,mBAT6C,EAAnD,kBAAkB,mBAAG,mBAAmB,CAAC,UAAU,KAAA,EACnD,KAQE,IAAI,yBALL,EAHD,wBAAwB,mBAAG;gBACzB,uDAAuD;gBACvD,yCAAyC;aAC1C,KAAA,EACD,WAAW,GAIT,IAAI,YAJK,EACX,eAAe,GAGb,IAAI,gBAHS,EACf,KAEE,IAAI,eAFe,EAArB,cAAc,mBAAG,IAAI,KAAA,EACrB,KACE,IAAI,gBADiB,EAAvB,eAAe,mBAAG,KAAK,KAAA,CAChB;YACT,IAAM,GAAG,GAAG,IAAI,sBAAS,EAAE,CAAC;YAC5B,sCAAsC;YACtC,IAAM,eAAe,GAAG,eAAe,CAAC,kBAAkB,CAAC,CAAC;YAC5D,IAAI,iBAAiB,EAAE;gBACrB,GAAG,CAAC,YAAY,CAAC;oBACf,KAAK,EAAE,iBAAiB;oBACxB,UAAU,EAAE,wBAAwB;oBACpC,eAAe,EAAE,eAAe;iBACjC,CAAC,CAAC;aACJ;YACD,IAAI,eAAe,EAAE;gBACnB,GAAG,CAAC,YAAY,CAAC;oBACf,6BAA6B;oBAC7B,KAAK,EAAE,IAAI;oBACX,UAAU,EAAE,wBAAwB;oBACpC,eAAe,iBAAA;iBAChB,CAAC,CAAC;aACJ;YACD,GAAG,CAAC,kBAAkB,GAAG,kBAAkB,CAAC;YAC5C,GAAG,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC,WAAW,EAAE,eAAe,CAAC,CAAC,MAAM,EAAE,CAAC;YACxE,GAAG,CAAC,iBAAiB,GAAG,IAAI,CAAC,UAAU,CAAC,WAAW,EAAE,eAAe,CAAC,CAAC,UAAU,CAAC;YACjF,GAAG,CAAC,UAAU,GAAG,iBAAO,CAAC,cAAc,CAAC,UAAU,EAAE,cAAc,EAAE,IAAI,CAAC,CAAC;YAC1E,GAAG,CAAC,yBAAyB,GAAG,yCAAyC,CAAC;YAE1E,IAAI,eAAe,EAAE;gBACnB,GAAG,CAAC,gBAAgB,CAAC,cAAc,EAAE,eAAe,CAAC,CAAC;aACvD;iBAAM;gBACL,GAAG,CAAC,gBAAgB,CAAC,cAAc,CAAC,CAAC;aACtC;YACD,OAAO,cAAc,KAAK,KAAK,CAAC,CAAC,CAAC,iBAAO,CAAC,YAAY,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC;QAClG,CAAC;QACD;;;;;;;WAOG;QACH,eAAe,YAAC,GAAW,EAAE,IAA8B;;YACjD,IAAA,GAAG,GAAK,IAAA,gBAAU,GAAE,IAAjB,CAAkB;YAC7B,IAAM,GAAG,GAAG,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;YAErC,IAAM,SAAS,GAAG,IAAI,kBAAS,EAAE,CAAC;YAClC,iIAAiI;YACjI,sDAAsD;YACtD,IAAM,qBAAqB,GAAG,0GAA0G,CAAC;YACzI,wDAAwD;YACxD,IAAM,uBAAuB,GAAG,uIAAuI,CAAC;YACxK,6DAA6D;YAC7D,IAAM,qBAAqB,GAAG,6OAA6O,CAAC;YAE5Q,4BAA4B;YAC5B,IAAI,SAAS,GAAQ,EAAE,CAAC;YACxB,IAAM,oBAAoB,GAAG,IAAA,cAAM,EAAC,qBAAqB,EAAE,GAAG,CAAC,CAAC;YAChE,IAAM,sBAAsB,GAAG,IAAA,cAAM,EAAC,uBAAuB,EAAE,GAAG,CAAC,CAAC;YACpE,IAAM,mBAAmB,GAAG,IAAA,cAAM,EAAC,qBAAqB,EAAE,GAAG,CAAC,CAAC;YAE/D,SAAS,GAAG,SAAS,CAAC,MAAM,CAAC,oBAAoB,CAAC,CAAC;YACnD,SAAS,GAAG,SAAS,CAAC,MAAM,CAAC,sBAAsB,CAAC,CAAC;YAErD,yCAAyC;YACzC,IAAI,mBAAmB,CAAC,MAAM,KAAK,CAAC,EAAE;gBACpC,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC;aAClD;YAED,iDAAiD;YACjD,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE;gBAC1B,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC,sBAAsB;aAC7C;oCAGU,aAAa;gBACtB,IAAM,GAAG,GAAG,IAAI,sBAAS,EAAE,CAAC;gBAC5B,IAAI,QAAQ,GAAG,KAAK,CAAC;gBAErB,GAAG,CAAC,kBAAkB,GAAG,IAAI,CAAC,kBAAmB,CAAC;gBAElD,IAAI,CAAC,IAAI,CAAC,OAAO,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE;oBACnC,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;iBAC7D;gBAED,IAAI,IAAI,CAAC,OAAO,EAAE;oBAChB,GAAG,CAAC,UAAU,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;iBAC/C;gBAED,IAAI,IAAI,CAAC,QAAQ,EAAE;oBAEjB,IAAM,eAAe,GAAG,IAAA,cAAM,EAAC,uCAAuC,EAAE,aAAa,CAAQ,CAAC;oBAC9F,0BAA0B;oBAC1B,IAAI,YAAY,GAAQ,IAAI,CAAC,QAAQ,CAAC,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;oBAC1E,oEAAoE;oBACpE,IAAI,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE;wBAC/B,YAAY,GAAG,IAAA,qBAAW,EAAC,YAAY,CAAC,CAAC;qBAC1C;yBAAM,IAAI,OAAO,YAAY,KAAK,QAAQ,EAAE;wBAC3C,YAAY,GAAG,CAAC,YAAY,CAAC,CAAC;qBAC/B;oBACD,mCAAmC;oBACnC,YAAY,GAAG,YAAY,CAAC,GAAG,CAAC,iBAAO,CAAC,kBAAkB,CAAC,CAAC;oBAE5D,gDAAgD;oBAChD,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE;wBAC7D,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;qBAC5C;oBAED,+BAA+B;oBAC/B,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE;wBAChC,IAAM,mBAAmB,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC;wBAC/D,IAAM,iBAAe,GAAG,iBAAO,CAAC,kBAAkB,CAAC,mBAAmB,CAAC,CAAC;wBAExE,IACE,YAAY,CAAC,MAAM,IAAI,CAAC;4BACxB,CAAC,YAAY,CAAC,IAAI,CAAC,UAAA,IAAI,IAAI,OAAA,IAAI,CAAC,IAAI,EAAE,KAAK,iBAAe,CAAC,IAAI,EAAE,EAAtC,CAAsC,CAAC,EAClE;4BACA,sDAAsD;4BACtD,8EAA8E;4BAC9E,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;yBACtE;wBAED,GAAG,CAAC,UAAU,GAAG,OAAK,UAAU,CAAC,iBAAe,CAAC,CAAC,MAAM,EAAE,CAAC;qBAE5D;yBAAM;wBACL,iCAAiC;wBACjC,GAAG,CAAC,UAAU,GAAG,OAAK,UAAU,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;qBAC5D;iBACF;gBAED,GAAG,CAAC,aAAa,CAAC,aAAa,CAAC,CAAC;gBAEjC,QAAQ,GAAG,GAAG,CAAC,cAAc,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;gBAE9C,kFAAkF;gBAClF,IAAI,CAAC,QAAQ,EAAE;;oBAEb,qDAAqD;iBACtD;gBACD,6DAA6D;gBAC7D,IAAI,CAAC,CAAC,GAAG,CAAC,mBAAmB,EAAE,CAAC,MAAM,IAAI,CAAC,CAAC,EAAE;oBAC5C,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAA;iBAC3C;gBACD,IAAM,iBAAiB,GAAG,GAAG,CAAC,mBAAmB,EAAE,CAAC,CAAC,CAAC,CAAC;gBACvD,IAAM,QAAQ,GAAG,SAAS,CAAC,eAAe,CAAC,iBAAiB,EAAE,UAAU,CAAC,CAAC,eAAe,CAAC;gBAC1F,kCAAkC;gBAClC,uCAAuC;gBACvC,IAAI,QAAQ,CAAC,SAAS,KAAK,UAAU,EAAE;oBACrC,+CAA+C;oBAC/C,IAAM,UAAU,GAAG,IAAA,cAAM,EACvB,+BAA+B,EAC/B,QAAQ,CACT,CAAC;oBAEF,IAAM,mBAAmB,GAAG,IAAA,cAAM,EAChC,wCAAwC,EACxC,QAAQ,CACT,CAAC;oBACF,mDAAmD;oBACnD,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE;wCACpB,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC;qBACxC;yBAAM,IAAI,mBAAmB,CAAC,MAAM,IAAI,CAAC,EAAE;wCACnC,CAAC,IAAI,EAAE,QAAQ,CAAC,QAAQ,EAAE,CAAC;qBACnC;yBAAM;wCAGE,CAAC,IAAI,EAAE,IAAI,CAAC;qBACpB;iBACF;qBAAM,IAAI,QAAQ,CAAC,SAAS,KAAK,WAAW,EAAE;oCACtC,CAAC,IAAI,EAAE,QAAQ,CAAC,QAAQ,EAAE,CAAC;iBACnC;qBAAM;oCACE,CAAC,IAAI,EAAE,IAAI,CAAC;iBACpB;;;;gBAlGH,4BAA4B;gBAC5B,KAA4B,IAAA,cAAA,SAAA,SAAS,CAAA,oCAAA;oBAAhC,IAAM,aAAa,sBAAA;0CAAb,aAAa;;;iBAkGvB;;;;;;;;;YAAA,CAAC;YACF,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC,8DAA8D;YAGpF;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;+CA0CmC;QACrC,CAAC;QACD;;;;;UAKE;QACF,gBAAgB,YAAC,GAAW,EAAE,UAA2B;;YACvD;gBACE,GAAC,eAAe,IAAG;oBACjB;wBACE,KAAK,EAAE,EAAE,GAAG,KAAA,EAAE;qBACf;;wBAEC,GAAC,YAAY,IAAG;4BACd;gCACE,KAAK,EAAE;oCACL,UAAU,EAAE,oCAAoC;iCACjD;6BACF;;gCAEC,GAAC,aAAa,IAAG,CAAC;wCAChB,oBAAoB,EAAE,iBAAO,CAAC,kBAAkB,CAAC,UAAU,CAAC;qCAC7D,CAAC;;yBAEL;;iBACD;mBACJ;QACJ,CAAC;QACD;;;;;;;UAOE;QACF,yBAAyB,YACvB,WAAmB,EACnB,GAAW,EACX,UAAmB,EACnB,QAAkB,EAClB,gBAAyB;YAEzB,6CAA6C;YAC7C,6BAA6B;YAC7B,IAAM,YAAY,GAAG,IAAI,kBAAI,CAC3B,iBAAO,CAAC,cAAc,CAAC,GAAG,EAAE,UAAU,CAAC,EACvC,SAAS,EACT;gBACE,aAAa,EAAE,gBAAgB,CAAC,gBAAgB,CAAC;aAClD,CACF,CAAC;YACF,IAAM,SAAS,GAAG,YAAY,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YACjD,+BAA+B;YAC/B,OAAO,QAAQ,KAAK,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;QACvE,CAAC;QACD;;;;;;;UAOE;QACF,sBAAsB,YACpB,QAAQ,EACR,WAAmB,EACnB,SAA0B,EAC1B,eAAwB;YAExB,IAAM,QAAQ,GAAG,QAAQ,CAAC,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YAC9D,IAAM,aAAa,GAAG,gBAAgB,CAAC,eAAe,CAAC,CAAC;YACxD,IAAM,GAAG,GAAG,IAAI,kBAAI,CAAC,iBAAO,CAAC,8BAA8B,CAAC,QAAQ,CAAC,EAAE,QAAQ,EAAE,EAAE,aAAa,eAAA,EAAE,CAAC,CAAC;YACpG,OAAO,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;QACtE,CAAC;QACD;;;;UAIE;QACF,UAAU,YAAC,eAAuB,EAAE,eAAyB;YAAzB,gCAAA,EAAA,oBAAyB;YAC3D,IAAM,MAAM,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,UAAG,eAAe,CAAC,MAAM,MAAG,CAAC,CAAC,CAAC,EAAE,CAAC;YAC1E,OAAO;gBACL,UAAU,EAAE;oBACV,OAAO,WAAI,MAAM,uBAAa,MAAM,6BAAmB,eAAe,eAAK,MAAM,+BAAqB,MAAM,cAAW,CAAC;gBAC1H,CAAC;gBACD,MAAM,EAAE;oBACN,OAAO,iBAAO,CAAC,8BAA8B,CAAC,eAAe,CAAC,CAAC,QAAQ,EAAE,CAAC;gBAC5E,CAAC;aACF,CAAC;QACJ,CAAC;QACD;;;;;;UAME;QACF,gBAAgB,YAAC,YAAY,EAAE,YAAY,EAAE,GAAY;YACvD,iDAAiD;YACjD,OAAO,IAAI,OAAO,CAAS,UAAC,OAAO,EAAE,MAAM;gBAEzC,IAAI,CAAC,GAAG,EAAE;oBACR,OAAO,MAAM,CAAC,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC,CAAC;iBACrD;gBAED,IAAM,mBAAmB,GAAG,YAAY,CAAC,aAAa,CAAC;gBACvD,IAAM,oBAAoB,GAAG,YAAY,CAAC,UAAU,CAAC;gBAC7C,IAAA,GAAG,GAAK,IAAA,gBAAU,GAAE,IAAjB,CAAkB;gBAC7B,IAAM,GAAG,GAAG,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;gBACrC,IAAM,UAAU,GAAG,IAAA,cAAM,EAAC,gCAAgC,EAAE,GAAG,CAAW,CAAC;gBAC3E,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE;oBACzD,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAC;iBACrC;gBACD,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE;oBACzB,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;iBAC3C;gBACD,IAAM,gBAAgB,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;gBAEvC,8DAA8D;gBAC9D,IAAI,mBAAmB,CAAC,oBAAoB,EAAE;oBAE5C,IAAM,YAAY,GAAG,iBAAO,CAAC,8BAA8B,CAAC,oBAAoB,CAAC,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC;oBAEtH,MAAM,CAAC,OAAO,CAAC,gBAAgB,CAAC,QAAQ,EAAE,EAAE;wBAC1C,4BAA4B;wBAC5B,OAAO,EAAE,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC;wBAClC,GAAG,EAAE,MAAM,CAAC,IAAI,CAAC,qCAA8B,oBAAoB,CAAC,kBAAkB,CAAC,OAAO,CAAC,OAAO,CAAC,8BAA2B,CAAC;wBACnI,mBAAmB,EAAE,mBAAmB,CAAC,uBAAuB;wBAChE,sBAAsB,EAAE,mBAAmB,CAAC,sBAAsB;qBACnE,EAAE,UAAC,GAAG,EAAE,GAAG;wBACV,IAAI,GAAG,EAAE;4BACP,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;4BACnB,OAAO,MAAM,CAAC,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC,CAAC;yBACnE;wBACD,IAAI,CAAC,GAAG,EAAE;4BACR,OAAO,MAAM,CAAC,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC,CAAC;yBAC/D;wBACO,IAAoB,kBAAkB,GAAK,mBAAmB,CAAC,SAAS,mBAAlC,CAAmC;wBACjF,IAAM,mBAAmB,GAAG,GAAG,CAAC,eAAe,CAAC,WAAI,kBAAkB,uCAA6B,kBAAkB,gBAAK,eAAS,CAAC,KAAK,CAAC,SAAS,gBAAK,GAAG,eAAK,kBAAkB,yBAAsB,CAAC,CAAC;wBAC1M,GAAG,CAAC,eAAe,CAAC,YAAY,CAAC,mBAAmB,CAAC,eAAe,EAAE,gBAAgB,CAAC,CAAC;wBACxF,OAAO,OAAO,CAAC,iBAAO,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;oBACvD,CAAC,CAAC,CAAC;iBACJ;qBAAM;oBACL,OAAO,OAAO,CAAC,iBAAO,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,2BAA2B;iBACvE;YACH,CAAC,CAAC,CAAC;QACL,CAAC;QACD;;;;;;;UAOE;QACF,gBAAgB,YAAC,IAAI,EAAE,SAAiB;YACtC,OAAO,IAAI,OAAO,CAAgB,UAAC,OAAO,EAAE,MAAM;gBAChD,sDAAsD;gBACtD,IAAI,CAAC,SAAS,EAAE;oBACd,OAAO,MAAM,CAAC,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC,CAAC;iBACrD;gBACD,2FAA2F;gBAC3F,IAAM,WAAW,GAAG,IAAI,CAAC,aAAa,CAAC;gBAC/B,IAAA,GAAG,GAAM,IAAA,gBAAU,GAAE,IAAlB,CAAmB;gBAC9B,IAAM,GAAG,GAAG,GAAG,CAAC,eAAe,CAAC,SAAS,CAAC,CAAC;gBAC3C,IAAM,mBAAmB,GAAG,IAAA,cAAM,EAAC,8EAA8E,EAAE,GAAG,CAAW,CAAC;gBAClI,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,mBAAmB,CAAC,IAAI,mBAAmB,CAAC,MAAM,KAAK,CAAC,EAAE;oBAC3E,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;iBACtD;gBACD,IAAI,mBAAmB,CAAC,MAAM,GAAG,CAAC,EAAE;oBAClC,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;iBAC3C;gBACD,IAAM,gBAAgB,GAAG,mBAAmB,CAAC,CAAC,CAAC,CAAC;gBAEhD,OAAO,MAAM,CAAC,OAAO,CAAC,gBAAgB,CAAC,QAAQ,EAAE,EAAE;oBACjD,GAAG,EAAE,iBAAO,CAAC,cAAc,CAAC,WAAW,CAAC,aAAa,EAAE,WAAW,CAAC,iBAAiB,CAAC;iBACtF,EAAE,UAAC,GAAG,EAAE,GAAG;oBACV,IAAI,GAAG,EAAE;wBACP,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;wBACnB,OAAO,MAAM,CAAC,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC,CAAC;qBACnE;oBACD,IAAI,CAAC,GAAG,EAAE;wBACR,OAAO,MAAM,CAAC,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC,CAAC;qBAC/D;oBACD,IAAM,eAAe,GAAG,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;oBACjD,GAAG,CAAC,eAAe,CAAC,YAAY,CAAC,eAAe,CAAC,eAAe,EAAE,gBAAgB,CAAC,CAAC;oBACpF,OAAO,OAAO,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC;gBACxC,CAAC,CAAC,CAAC;YACL,CAAC,CAAC,CAAC;QACL,CAAC;QACD;;WAEG;QACG,UAAU,YAAC,KAAa;;;;;;4BAGpB,QAAQ,GAAK,IAAA,gBAAU,GAAE,SAAjB,CAAkB;4BAElC;;;;;+BAKG;4BACH,IAAI,CAAC,QAAQ,EAAE;gCAEb,qCAAqC;gCACrC,sBAAO,OAAO,CAAC,MAAM,CAAC,+LAA+L,CAAC,EAAC;6BAExN;;;;4BAGQ,qBAAM,QAAQ,CAAC,KAAK,CAAC,EAAA;gCAA5B,sBAAO,SAAqB,EAAC;;;4BAE7B,MAAM,GAAC,CAAC;;;;;SAGX;KACF,CAAC;AACJ,CAAC,CAAC;AAEF,kBAAe,OAAO,EAAE,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "samlify",
|
|
3
|
-
"version": "2.
|
|
3
|
+
"version": "2.10.1",
|
|
4
4
|
"description": "High-level API for Single Sign On (SAML 2.0)",
|
|
5
5
|
"main": "build/index.js",
|
|
6
6
|
"keywords": [
|
|
@@ -39,11 +39,12 @@
|
|
|
39
39
|
"pako": "^1.0.10",
|
|
40
40
|
"uuid": "^8.3.2",
|
|
41
41
|
"xml": "^1.0.1",
|
|
42
|
-
"xml-crypto": "^
|
|
42
|
+
"xml-crypto": "^6.1.2",
|
|
43
43
|
"xml-escape": "^1.1.0",
|
|
44
44
|
"xpath": "^0.0.32"
|
|
45
45
|
},
|
|
46
46
|
"devDependencies": {
|
|
47
|
+
"@authenio/samlify-xsd-schema-validator": "^1.0.5",
|
|
47
48
|
"@ava/typescript": "^1.1.1",
|
|
48
49
|
"@types/node": "^11.11.3",
|
|
49
50
|
"@types/node-forge": "^1.0.1",
|
package/src/flow.ts
CHANGED
|
@@ -208,34 +208,35 @@ async function postFlow(options): Promise<FlowResult> {
|
|
|
208
208
|
|
|
209
209
|
// verify the signatures (the response is encrypted then signed, then verify first then decrypt)
|
|
210
210
|
if (
|
|
211
|
-
checkSignature
|
|
212
|
-
from.entitySetting.messageSigningOrder === MessageSignatureOrder.ETS
|
|
211
|
+
checkSignature
|
|
213
212
|
) {
|
|
213
|
+
// VerifiedAssertionNode is signed. Depending on use case, it may actually be a Response Node
|
|
214
214
|
const [verified, verifiedAssertionNode] = libsaml.verifySignature(samlContent, verificationOptions);
|
|
215
|
-
if (!verified) {
|
|
216
|
-
return Promise.reject('ERR_FAIL_TO_VERIFY_ETS_SIGNATURE');
|
|
217
|
-
}
|
|
218
|
-
if (!decryptRequired) {
|
|
219
|
-
extractorFields = getDefaultExtractorFields(parserType, verifiedAssertionNode);
|
|
220
|
-
}
|
|
221
|
-
}
|
|
222
215
|
|
|
223
|
-
|
|
224
|
-
|
|
225
|
-
|
|
226
|
-
|
|
227
|
-
|
|
228
|
-
|
|
229
|
-
|
|
230
|
-
|
|
231
|
-
|
|
232
|
-
|
|
233
|
-
|
|
234
|
-
|
|
235
|
-
|
|
216
|
+
// First two cases are encrypted assertion cases
|
|
217
|
+
// This case the verifiedAssertionNode is actually a response
|
|
218
|
+
if (decryptRequired && verified && parserType === 'SAMLResponse' && verifiedAssertionNode) {
|
|
219
|
+
// now it is extracted from solely signed contents
|
|
220
|
+
const result = await libsaml.decryptAssertion(self, verifiedAssertionNode);
|
|
221
|
+
samlContent = result[0];
|
|
222
|
+
// extractor depends on signed content
|
|
223
|
+
extractorFields = getDefaultExtractorFields(parserType, result[1]);
|
|
224
|
+
} else if (decryptRequired && !verified) {
|
|
225
|
+
// Encrypted Assertion, the assertion is signed
|
|
226
|
+
const result = await libsaml.decryptAssertion(self, samlContent);
|
|
227
|
+
const decryptedDoc = result[0];
|
|
228
|
+
const [decryptedDocVerified, verifiedDecryptedAssertion] = libsaml.verifySignature(decryptedDoc, verificationOptions);
|
|
229
|
+
if (decryptedDocVerified) {
|
|
230
|
+
// extractor depends on signed content
|
|
231
|
+
extractorFields = getDefaultExtractorFields(parserType, verifiedDecryptedAssertion);
|
|
232
|
+
} else {
|
|
233
|
+
return Promise.reject('FAILED_TO_VERIFY_SIGNATURE');
|
|
234
|
+
}
|
|
235
|
+
} else if (verified) {
|
|
236
|
+
// extractor depends on signed content
|
|
236
237
|
extractorFields = getDefaultExtractorFields(parserType, verifiedAssertionNode);
|
|
237
238
|
} else {
|
|
238
|
-
return Promise.reject('
|
|
239
|
+
return Promise.reject('FAILED_TO_VERIFY_SIGNATURE');
|
|
239
240
|
}
|
|
240
241
|
}
|
|
241
242
|
|
package/src/libsaml.ts
CHANGED
|
@@ -9,12 +9,14 @@ import { algorithms, wording, namespace } from './urn';
|
|
|
9
9
|
import { select } from 'xpath';
|
|
10
10
|
import { MetadataInterface } from './metadata';
|
|
11
11
|
import nrsa, { SigningSchemeHash } from 'node-rsa';
|
|
12
|
-
import { SignedXml
|
|
12
|
+
import { SignedXml } from 'xml-crypto';
|
|
13
13
|
import * as xmlenc from '@authenio/xml-encryption';
|
|
14
14
|
import { extract } from './extractor';
|
|
15
15
|
import camelCase from 'camelcase';
|
|
16
16
|
import { getContext } from './api';
|
|
17
17
|
import xmlEscape from 'xml-escape';
|
|
18
|
+
import * as fs from 'fs';
|
|
19
|
+
import {DOMParser} from '@xmldom/xmldom';
|
|
18
20
|
|
|
19
21
|
const signatureAlgorithms = algorithms.signature;
|
|
20
22
|
const digestAlgorithms = algorithms.digest;
|
|
@@ -95,6 +97,7 @@ export interface LibSamlInterface {
|
|
|
95
97
|
verifySignature: (xml: string, opts: SignatureVerifierOptions) => [boolean, any];
|
|
96
98
|
createKeySection: (use: KeyUse, cert: string | Buffer) => {};
|
|
97
99
|
constructMessageSignature: (octetString: string, key: string, passphrase?: string, isBase64?: boolean, signingAlgorithm?: string) => string;
|
|
100
|
+
|
|
98
101
|
verifyMessageSignature: (metadata, octetString: string, signature: string | Buffer, verifyAlgorithm?: string) => boolean;
|
|
99
102
|
getKeyInfo: (x509Certificate: string, signatureConfig?: any) => void;
|
|
100
103
|
encryptAssertion: (sourceEntity, targetEntity, entireXML: string) => Promise<string>;
|
|
@@ -326,28 +329,28 @@ const libSaml = () => {
|
|
|
326
329
|
} = opts;
|
|
327
330
|
const sig = new SignedXml();
|
|
328
331
|
// Add assertion sections as reference
|
|
332
|
+
const digestAlgorithm = getDigestMethod(signatureAlgorithm);
|
|
329
333
|
if (referenceTagXPath) {
|
|
330
|
-
sig.addReference(
|
|
331
|
-
referenceTagXPath,
|
|
332
|
-
transformationAlgorithms,
|
|
333
|
-
|
|
334
|
-
);
|
|
334
|
+
sig.addReference({
|
|
335
|
+
xpath: referenceTagXPath,
|
|
336
|
+
transforms: transformationAlgorithms,
|
|
337
|
+
digestAlgorithm: digestAlgorithm
|
|
338
|
+
});
|
|
335
339
|
}
|
|
336
340
|
if (isMessageSigned) {
|
|
337
|
-
sig.addReference(
|
|
341
|
+
sig.addReference({
|
|
338
342
|
// reference to the root node
|
|
339
|
-
'/*',
|
|
340
|
-
transformationAlgorithms,
|
|
341
|
-
|
|
342
|
-
|
|
343
|
-
'',
|
|
344
|
-
'',
|
|
345
|
-
false,
|
|
346
|
-
);
|
|
343
|
+
xpath: '/*',
|
|
344
|
+
transforms: transformationAlgorithms,
|
|
345
|
+
digestAlgorithm
|
|
346
|
+
});
|
|
347
347
|
}
|
|
348
348
|
sig.signatureAlgorithm = signatureAlgorithm;
|
|
349
|
-
sig.
|
|
350
|
-
sig.
|
|
349
|
+
sig.publicCert = this.getKeyInfo(signingCert, signatureConfig).getKey();
|
|
350
|
+
sig.getKeyInfoContent = this.getKeyInfo(signingCert, signatureConfig).getKeyInfo;
|
|
351
|
+
sig.privateKey = utility.readPrivateKey(privateKey, privateKeyPass, true);
|
|
352
|
+
sig.canonicalizationAlgorithm = 'http://www.w3.org/2001/10/xml-exc-c14n#';
|
|
353
|
+
|
|
351
354
|
if (signatureConfig) {
|
|
352
355
|
sig.computeSignature(rawSamlMessage, signatureConfig);
|
|
353
356
|
} else {
|
|
@@ -359,11 +362,15 @@ const libSaml = () => {
|
|
|
359
362
|
* @desc Verify the XML signature
|
|
360
363
|
* @param {string} xml xml
|
|
361
364
|
* @param {SignatureVerifierOptions} opts cert declares the X509 certificate
|
|
362
|
-
|
|
363
|
-
|
|
364
|
-
|
|
365
|
+
* @return {[boolean, string | null]} - A tuple where:
|
|
366
|
+
* - The first element is `true` if the signature is valid, `false` otherwise.
|
|
367
|
+
* - The second element is the cryptographically authenticated assertion node as a string, or `null` if not found.
|
|
368
|
+
*/
|
|
369
|
+
verifySignature(xml: string, opts: SignatureVerifierOptions) : [boolean, string | null] {
|
|
365
370
|
const { dom } = getContext();
|
|
366
371
|
const doc = dom.parseFromString(xml);
|
|
372
|
+
|
|
373
|
+
const docParser = new DOMParser();
|
|
367
374
|
// In order to avoid the wrapping attack, we have changed to use absolute xpath instead of naively fetching the signature element
|
|
368
375
|
// message signature (logout response / saml response)
|
|
369
376
|
const messageSignatureXpath = "/*[contains(local-name(), 'Response') or contains(local-name(), 'Request')]/*[local-name(.)='Signature']";
|
|
@@ -374,7 +381,6 @@ const libSaml = () => {
|
|
|
374
381
|
|
|
375
382
|
// select the signature node
|
|
376
383
|
let selection: any = [];
|
|
377
|
-
let assertionNode: string | null = null;
|
|
378
384
|
const messageSignatureNode = select(messageSignatureXpath, doc);
|
|
379
385
|
const assertionSignatureNode = select(assertionSignatureXpath, doc);
|
|
380
386
|
const wrappingElementNode = select(wrappingElementsXPath, doc);
|
|
@@ -389,13 +395,13 @@ const libSaml = () => {
|
|
|
389
395
|
|
|
390
396
|
// guarantee to have a signature in saml response
|
|
391
397
|
if (selection.length === 0) {
|
|
392
|
-
|
|
398
|
+
return [false, null]; // we return false now
|
|
393
399
|
}
|
|
394
400
|
|
|
395
|
-
const sig = new SignedXml();
|
|
396
|
-
let verified = true;
|
|
397
401
|
// need to refactor later on
|
|
398
|
-
|
|
402
|
+
for (const signatureNode of selection){
|
|
403
|
+
const sig = new SignedXml();
|
|
404
|
+
let verified = false;
|
|
399
405
|
|
|
400
406
|
sig.signatureAlgorithm = opts.signatureAlgorithm!;
|
|
401
407
|
|
|
@@ -404,7 +410,7 @@ const libSaml = () => {
|
|
|
404
410
|
}
|
|
405
411
|
|
|
406
412
|
if (opts.keyFile) {
|
|
407
|
-
sig.
|
|
413
|
+
sig.publicCert = fs.readFileSync(opts.keyFile)
|
|
408
414
|
}
|
|
409
415
|
|
|
410
416
|
if (opts.metadata) {
|
|
@@ -440,28 +446,62 @@ const libSaml = () => {
|
|
|
440
446
|
throw new Error('ERROR_UNMATCH_CERTIFICATE_DECLARATION_IN_METADATA');
|
|
441
447
|
}
|
|
442
448
|
|
|
443
|
-
sig.
|
|
449
|
+
sig.publicCert = this.getKeyInfo(x509Certificate).getKey();
|
|
444
450
|
|
|
445
451
|
} else {
|
|
446
452
|
// Select first one from metadata
|
|
447
|
-
sig.
|
|
453
|
+
sig.publicCert = this.getKeyInfo(metadataCert[0]).getKey();
|
|
448
454
|
}
|
|
449
|
-
|
|
450
455
|
}
|
|
451
456
|
|
|
452
457
|
sig.loadSignature(signatureNode);
|
|
453
458
|
|
|
454
|
-
doc.
|
|
455
|
-
|
|
456
|
-
verified = verified && sig.checkSignature(doc.toString());
|
|
459
|
+
verified = sig.checkSignature(doc.toString());
|
|
457
460
|
|
|
458
461
|
// immediately throw error when any one of the signature is failed to get verified
|
|
459
462
|
if (!verified) {
|
|
460
|
-
|
|
463
|
+
continue;
|
|
464
|
+
// throw new Error('ERR_FAILED_TO_VERIFY_SIGNATURE');
|
|
465
|
+
}
|
|
466
|
+
// Require there to be at least one reference that was signed
|
|
467
|
+
if (!(sig.getSignedReferences().length >= 1)) {
|
|
468
|
+
throw new Error('NO_SIGNATURE_REFERENCES')
|
|
461
469
|
}
|
|
470
|
+
const signedVerifiedXML = sig.getSignedReferences()[0];
|
|
471
|
+
const rootNode = docParser.parseFromString(signedVerifiedXML, 'text/xml').documentElement;
|
|
472
|
+
// process the verified signature:
|
|
473
|
+
// case 1, rootSignedDoc is a response:
|
|
474
|
+
if (rootNode.localName === 'Response') {
|
|
475
|
+
// try getting the Xml from the first assertion
|
|
476
|
+
const assertions = select(
|
|
477
|
+
"./*[local-name()='Assertion']",
|
|
478
|
+
rootNode
|
|
479
|
+
);
|
|
480
|
+
|
|
481
|
+
const encryptedAssertions = select(
|
|
482
|
+
"./*[local-name()='EncryptedAssertion']",
|
|
483
|
+
rootNode
|
|
484
|
+
);
|
|
485
|
+
// now we can process the assertion as an assertion
|
|
486
|
+
if (assertions.length === 1) {
|
|
487
|
+
return [true, assertions[0].toString()];
|
|
488
|
+
} else if (encryptedAssertions.length >= 1) {
|
|
489
|
+
return [true, rootNode.toString()]; // we need to return a Response node, which will be decrypted later
|
|
490
|
+
} else {
|
|
491
|
+
// something has gone seriously wrong here.
|
|
492
|
+
// we don't have any assertion to give back
|
|
493
|
+
return [true, null]
|
|
494
|
+
}
|
|
495
|
+
} else if (rootNode.localName === 'Assertion') {
|
|
496
|
+
return [true, rootNode.toString()];
|
|
497
|
+
} else {
|
|
498
|
+
return [true, null]; // signature is valid. But there is no assertion node here. It could be metadata node, hence return null
|
|
499
|
+
}
|
|
500
|
+
};
|
|
501
|
+
return [false, null]; // we didn't verify anything, none of the signatures are valid
|
|
462
502
|
|
|
463
|
-
});
|
|
464
503
|
|
|
504
|
+
/*
|
|
465
505
|
// response must be signed, either entire document or assertion
|
|
466
506
|
// default we will take the assertion section under root
|
|
467
507
|
if (messageSignatureNode.length === 1) {
|
|
@@ -503,7 +543,7 @@ const libSaml = () => {
|
|
|
503
543
|
assertionNode = verifiedDoc.assertion.toString();
|
|
504
544
|
}
|
|
505
545
|
|
|
506
|
-
return [verified, assertionNode]
|
|
546
|
+
return [verified, assertionNode];*/
|
|
507
547
|
},
|
|
508
548
|
/**
|
|
509
549
|
* @desc Helper function to create the key section in metadata (abstraction for signing and encrypt use)
|
|
@@ -586,12 +626,14 @@ const libSaml = () => {
|
|
|
586
626
|
* @return {string} public key
|
|
587
627
|
*/
|
|
588
628
|
getKeyInfo(x509Certificate: string, signatureConfig: any = {}) {
|
|
589
|
-
|
|
590
|
-
|
|
591
|
-
|
|
592
|
-
|
|
593
|
-
|
|
594
|
-
|
|
629
|
+
const prefix = signatureConfig.prefix ? `${signatureConfig.prefix}:` : '';
|
|
630
|
+
return {
|
|
631
|
+
getKeyInfo: () => {
|
|
632
|
+
return `<${prefix}X509Data><${prefix}X509Certificate>${x509Certificate}</${prefix}X509Certificate></${prefix}X509Data>`;
|
|
633
|
+
},
|
|
634
|
+
getKey: () => {
|
|
635
|
+
return utility.getPublicKeyPemFromCertificate(x509Certificate).toString();
|
|
636
|
+
},
|
|
595
637
|
};
|
|
596
638
|
},
|
|
597
639
|
/**
|
package/types/src/libsaml.d.ts
CHANGED
|
@@ -146,9 +146,11 @@ declare const _default: {
|
|
|
146
146
|
* @desc Verify the XML signature
|
|
147
147
|
* @param {string} xml xml
|
|
148
148
|
* @param {SignatureVerifierOptions} opts cert declares the X509 certificate
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
|
|
149
|
+
* @return {[boolean, string | null]} - A tuple where:
|
|
150
|
+
* - The first element is `true` if the signature is valid, `false` otherwise.
|
|
151
|
+
* - The second element is the cryptographically authenticated assertion node as a string, or `null` if not found.
|
|
152
|
+
*/
|
|
153
|
+
verifySignature(xml: string, opts: SignatureVerifierOptions): [boolean, string | null];
|
|
152
154
|
/**
|
|
153
155
|
* @desc Helper function to create the key section in metadata (abstraction for signing and encrypt use)
|
|
154
156
|
* @param {string} use type of certificate (e.g. signing, encrypt)
|
|
@@ -179,7 +181,10 @@ declare const _default: {
|
|
|
179
181
|
* @param {string} x509Certificate certificate
|
|
180
182
|
* @return {string} public key
|
|
181
183
|
*/
|
|
182
|
-
getKeyInfo(x509Certificate: string, signatureConfig?: any):
|
|
184
|
+
getKeyInfo(x509Certificate: string, signatureConfig?: any): {
|
|
185
|
+
getKeyInfo: () => string;
|
|
186
|
+
getKey: () => string;
|
|
187
|
+
};
|
|
183
188
|
/**
|
|
184
189
|
* @desc Encrypt the assertion section in Response
|
|
185
190
|
* @param {Entity} sourceEntity source entity
|